StateScoop reports that cyberattacks against K-12 schools across the U.S. have been noted by K-12 Security Information Exchange founder and CEO Doug Levin to be continuously increasing both in severity and prevalence.
Data from K-12 SIX's interactive map revealed that cybersecurity incidents targeted at public schools and districts have totaled 1,619 from 2016 to 2022, with school districts in California, Illinois, New York, and Texas being the most vulnerable to attacks, and Levin noted elevated data exfiltration incidence from ransomware attacks against K-12 schools.
Inadequate cybersecurity awareness has been a key failing among school districts, according to Levin.
"When we see school districts compromised, usually the root cause is because of running unpatched or older software and IT systems that are exposed to the internet with credentials that have been compromised because school districts have not implemented a multifactor authentication," Levin said, adding that improving school cybersecurity also requires increased legislative support for cybersecurity assistance and standards.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Milan-based private investigations firm Equalize led by former top cop Carmine Gallo was reportedly behind the years-long hacking campaign, which was facilitated by bribes to police officers, remote access trojan compromise, and the breach of the Italian Interior Ministry computer system's maintenance personnel.
Most of the vulnerable CyberPanel implementations, which could be taken over using the security issue, were in the U.S., followed by Germany, Singapore, Indonesia, and India, according to threat intelligence search engine LeakIX.