North Carolina school districts prepare for increasing threat of cyberattacks: 'Uptick in attacks'
NASHVILLE, N.C. (WTVD) -- It's no longer just fire drills that North Carolina school districts have to practice. In recent years, school officials have taken steps to address a new and growing threat: cyberattacks.
"We've seen an uptick in attacks, attempted attacks, and the impact from those attacks over the last several years," said Torry Crass, the state's chief risk officer with the North Carolina Department of Information Technology (NCDIT).
NCDIT reported nine cyber incidents this year that involved education systems -- a big increase from the last two years.
Earlier in August, this growing threat nationwide received a national spotlight when the Biden administration encouraged schools to start cyber drills.
These attacks can put staff and students' information at risk, close schools and be costly.
Nash County Public Schools is one of the districts already implementing training on cyber security awareness. The district has made major investments in technology that allow technology officials to monitor all devices and systems in the district from a single command center.
"We contain just as much sensitive data and information as an entity does. It's important for school systems to take the right steps and measures to protect that data. And we have children. These are all minors; these are students. We need to make sure we're protecting their intellectual property, our staff's intellectual property, and also the financial reputation of our institutions as well," explained Heather Finch, the executive director of Communication, Planning, and Engagement at Nash County Public Schools.
The U.S. Government Accountability Office recently reported that a cyberattack can lead to learning loss for three days to three weeks and take schools months to fully recover. The report found these attacks can cost schools up to $1 million. The Office made recommendations for the U.S. Department of Education and Department of Homeland Security to evaluate schools' cybersecurity services and establish a way to coordinate these efforts.
Cyberattacks against schools can look like a phishing email or a ransom attack that blocks access to critical components.
One of the reasons there is an increased need for cyber security is the uptick in devices used in educational settings.
"As you increase that technology footprint, the risk also comes with it," Crass said.
Part of that increased risk is the learning loss that can follow if systems do get attacked.
"Learning is tied very closely to the availability of computer systems. And that means if the computer systems aren't available, even with a return to classrooms...it can be very impactful, very difficult, sometimes impossible to have class if these systems aren't available," Crass said.
The I-Team reached out to local districts about recent attacks and financial loss. Most that responded reported no ransom attacks and no loss of money through cybercrimes.
The Alamance-Burlington School District did report that over the summer staff and student emails were included in a data breach that impacted school districts nationwide.
"While any exposure of data is concerning, our technology team has taken appropriate steps to further strengthen protections and mitigate potential risks from this incident," a spokesperson for the district wrote.
In the past, cyberattacks have led to greater impacts at other North Carolina schools.
A cyberattack closed an Asheville charter school earlier this year and in 2020 hackers demanded money from Haywood County Schools to stop an attack that led to the canceling of classes for days.
At the university level, the I-Team previously reported Appalachian State University and UNC-Chapel Hill have reported losing hundreds of thousands of dollars in cyber-related fraud.
NCDIT is part of the NC Joint Cyber Security Task Force that assists schools across the state before and during attacks. This year, Crass said that the team has already helped prevent a number of attacks from having a significant impact.
"So we were able to actually get ahead of that and intervene before anything actually took place that would've affected systems or data or any, any of those walls or structure," Crass said.
Nash County Public Schools is one of the districts that partners with the state.
"They are our eyes outside of our network and we are the eyes inside. So if we did not have that partnership, then we would have to have a whole team to watch out for the things that are coming in and just making sure that we are protected. But because we're partnered with them, that is a financial burden lifted and it's just more eyes to keep us safe," explained Tremain McQueen, the exec. director of technology at Nash Co. Public Schools.
Internally, Nash County School District has installed virus protection software, incorporated content filters, and added software that combines security awareness training with simulated phishing attacks. The district attributes the combination of its partnership with the state and these beefed-up measures for why they have not been impacted by cyberattacks yet.
"These partnerships, and overly communicating the safeness of being online and for us as a team to overly communicate with each other and have a plan and that chain of command is integral to keeping the district safe," Finch said.
Crass shared that the guidance to avoid attacks in educational settings closely follows workplace recommendations. Those include not opening suspicious links, ensuring antivirus software is up to date, using strong passwords,
NCDIT also issues guidance to schools on how to best guard against significant attacks.
