top of page
  • Admin

K-12 Education At Risk: FBI Warns Of Increased Ransomware Attack

Published: August 7, 2020 on our newsletter Security Fraud News & Alerts Newsletter.

At a time when cybercriminals are successfully using coronavirus-themed hacks as a phishing lure, the FBI recently issued another warning about the spike in ransomware attacks against K-12 students. As the FBI sees it, during this pandemic time when schools are closed, ransomware gangs are revving-up their attacks against school computer systems. For those students now learning at their kitchen tables, and for the parents and teachers who want to keep them safe, this latest FBI ransomware alert urges them all to sit up and pay attention.

Citing statistics from Emsisoft antivirus company, the FBI warning revealed an increase in attacks against K-12 schools. Last year, 1,233 of these schools may have been targeted by ransomware. The numbers this year show that attacks in the first quarter of 2020 are up, with 422 schools targeted by the malware. If that pace keeps up, 2020 will be a record-breaking year for ransomware targeting K-12 schools. Since 2016, only 867 cybersecurity incidents were reported by K-12 schools but very few were ransomware-related.

At the heart of these attacks is a ransom demand requiring victims pay-up to get their data restored. These attacks have targeted universities, healthcare, finances, city services, and corporate America overall. According to the FBI, ransomware hacking groups are now adding K-12 schools to their victim list. The reason for this, the FBI believes is “K-12 institutions have limited resources to dedicate to network defense, leaving them vulnerable to cyberattacks.” Noting an increase in these attacks during the coronavirus pandemic, hacker gangs steal data and threaten to publish it if a ransom isn’t paid. This new twist can ratchet-up the urgency for schools to pay the ransom.

Earlier this year, the FBI released two ransomware alerts, each having to do with different attacks. One warning was about ProLock and the other about Ryuk ransomware. The FBI noted that Ryuk in particular, saw an increase in the number of attacks since September 2019. Both malware attacks use RDP (Remote Desktop Protocol) as their way into a system. Remote education relies on RDP connections for students to work, and RDP hacks have dramatically increased since coronavirus created the need to bring education into homes nationwide.

Since most K-12 schools have inadequate IT budgets, there are actions they can take to limit their vulnerability. School IT and administrators should do whatever budgets do allow in order to secure their systems. The FBI maintains that a ransom should never be paid as it only encourages more of the same behavior. There also is no guarantee hackers will hand over the data decryption key once they have the ransom payment. One of the most practical ways to survive a ransomware attack is by regularly backing-up system data. Should ransomware strike a school’s system, having current data back-ups can remove the need to pay a ransom and also provide the ability to quickly restore the hijacked data. Make sure to test data backups so they function properly when needed.

Want to schedule a conversation? Please email us at


bottom of page