A ransomware attack involves "threat actors" using malware (i.e., malicious software) to harm school district devices, networks, or servers. It can be used to steal data, damage the district's system, or spy on district students and/or staff. These threat actors use malware to block access to a school district's network systems and hold regained access ransom until their financial demands are met. 

While not always a centerstage concern for school districts, between the years 2016 and 2022, ransomware attacks on school districts saw a staggering 393% increase. School districts have become target rich environments for threat actors as districts house large amounts of sensitive information but often do not possess the technological infrastructure or institutional knowledge base to offensively or defensively combat these issues. Accordingly, a 2024 U.S. Department of Homeland Security threat assessment report characterized school districts as "a near constant ransomware target." 

In the absence of a federal or other standardized response procedure, school districts across the country have used their best efforts to navigate these frightening and at times fiscally paralyzing events. Some states as well as the U.S. Department of Education have stepped in to support school districts facing hardship following an attack but what can school districts do to take preventative measures? Follow this five-part series to learn more about the landscape of school district cybersecurity!