How Can School IT Departments Protect Against Cyberattacks?

By Carrie Dagenhard  (Tech Writer)

Cyberattacks against schools are on the rise. What can school IT departments do to protect against cyberattacks on students and faculty?


When you think of cyberattacks, you probably imagine shady hacking rings striking high-profile organizations like Fortune 500 companies, financial institutions, government agencies, and wealthy public figures. A public school system would likely fall to the bottom of your list of likely hack victims — if it made the ranking at all.

But, as it turns out, schools are quickly becoming a new favorite mark for cyberattacks. About 1 in 5 educational institutions have been targeted, according to data from SysGroup, and many aren’t prepared.

School Cyberattacks On The Rise 

In August of 2020, one East Texas district learned that lesson the hard way. According to PEW, just a few days before the start of the school year, hackers gained access to the Athens Independent School District’s network, encrypted its data, and set a hefty $50,000 ransom for the data’s release. Suddenly, teachers were unable to access their email, student data, schedules, and other pertinent information, and school leaders were forced to pay the ransom and postpone classes for an entire week.
Shool Cybercriminal bod 1
Less than a month later, hackers breached Fairfax County Public Schools in Virginia and published stolen data on the dark web. Then, in the summer of 2021, a San Antonio school paid ransomware hackers a staggering $550,000 to regain system access and prevent the publication of student and staff data.

And the list goes on. One report found that nearly 1,700 US schools were attacked in 2020 and, so far, 2021 hasn’t been much better. But, the good news is, you aren’t powerless.

Here’s what you need to know and five ways to reduce your school’s risk of becoming a cybercriminal’s next victim.

Why is Cybersecurity Critical for School Systems?

Cybersecurity threats against schools are growing — but why? The primary reason is they are simply easier targets. Funding-strapped school districts often rely on older equipment and technology and can’t always afford the same sophisticated protections as private companies. Additionally, because parents don’t typically monitor their children’s credit, student social security numbers are especially valuable on the dark web.

Additionally, the rates of cybercrime are rising for all sectors and industries. So it only makes sense that schools would see an uptick in threats as well.

Shool Cybercriminal bod 2Common Cyberattacks Targeting Schools

To help you get a better understanding of the cybercrime landscape and the threats you might encounter, here are two of the most common categories of cyberattacks waged on educational organizations:

Man-in-the-Middle (MitM) Attacks: This often occurs when teachers or students use school laptops or other mobile devices to access public Wi-Fi networks. Hackers can “eavesdrop,” gain access to an unsuspecting user’s device, and begin filtering and stealing data.

Third-Party Attacks: This happens when a cybercriminal infiltrates a third party with access to a school’s network, such as a vendor. A third party might include a software provider or a service provider.

Social Engineering Attacks: This is the most common category of attack. In this case, cybercriminals manipulate others to gain access to school networks and install malicious software. Here are a few examples of social engineering attacks:

Phishing Emails: These are seemingly genuine emails from a contact known to the recipient. Usually, these communications ask recipients to click a link or download an attachment that contains malware.

Pretexing Attacks: In this type of attack, a cybercriminal poses as an official, such as an administrator or member of the school board, and requests sensitive information via phone, text message, email, or even in-person.

Baiting attacks: Hackers sometimes load malware to a USB drive and then leave it in a conspicuous place. They may even label the drive something alluring, like “2021 faculty salaries,” to encourage the person who finds it to plug it in.

How to Help Prevent a Cyber Attacks

As a school leader or district decision-maker, dealing with cyber threats can be overwhelming — especially when you already have so much on your plate. Luckily, there are a few things you can do today to reduce your risk and strengthen your protections:

Assess Vendor Relationships: First, take time to complete a vendor audit. Make sure you thoroughly vet every third-party company you work with — from your attendance software provider to your payment processor and HVAC repair techs — and ensure they’re adhering to strict data protection regulations.

The Cookie bod 2

Educate Students And Faculty On The Risks: Cybersecurity is a team sport. From district leaders down to the classroom level, everyone should be trained on common threats, best practices for protecting data, and where to report suspicious activity. The more eyes and ears you have, the better your chances of discovering a risk before it becomes a catastrophe.

Support IT Teams: IT teams are stretched thin and, as schools become increasingly reliant on new technology (and increasingly threatened by cybercriminals), their burdens are growing. To help IT pros work more proactively, be sure to support them with reliable tech solutions. For example, efficient and effective helpdesk ticketing software and other automated tools can go a long way toward freeing up IT teams’ resources.

Invest in Asset Management: Every piece of hardware in your school or district represents an endpoint cybercriminals can exploit. That’s why it’s critical you always know exactly where your devices are (and with whom). Asset management solutions designed for schools help you keep track of everything, from laptops and desktop computers to tablets, keyboards, mice, and more.

Have An Incident Response Plan: What would you do if a cybercrime attack took down your school’s network tomorrow? If you haven’t already, it’s imperative you prepare an incident response plan that outlines precisely how you will respond and what you can do to limit downtime. While preventing an attack is preferable, it’s not always possible — and hackers are becoming craftier by the day. So, if you can’t stop an attack from happening, you at least need to know how you’ll recover. Trust us: it’ll help you sleep a lot easier.

As cybercrime grows, we expect the number of cyberattacks on school systems to continue increasing. And while there’s no way to guarantee you won’t become a victim, taking these preventive and preparatory measures today can significantly reduce your risk. 

SherpaDesk is the definitive helpdesk solution for all your support, project management, and billing issues. 

Ready to get a handle on your small business? 

Power your helpdesk with your Free Online SherpaDesk Support Desk Software.


Sign Up for Our Blog Updates and Stay
on Top of the Latest News and Tips


Carrie Dagenhard
By Carrie Dagenhard

Carrie specializes in technology storytelling while residing in the "Silicon Hills" of Austin, TX.