US Senators Introduce Bill to Protect Schools Against Cyber-Threats
A bill designed to enhance the cybersecurity of K–12 schools was introduced to the US House of Representatives on Monday.
If passed into law, the K-12 Cybersecurity Act would require the Department of Homeland Security (DHS) to create a list of cybersecurity recommendations and a cybersecurity toolkit for educational institutions to use when making improvements to their cyber-protections.
The bill was introduced by Senators Rick Scott and Gary Peters, who both serve on the Senate Homeland Security Committee.
Peters, who also serves on the Governmental Affairs Committee, said: "Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of [the] resources and information needed to adequately defend themselves against sophisticated cyber-attacks."
Support for the bill has been expressed by the National Education Association, the American Federation of Teachers, the National Association of Secondary School Principals, and the Consortium for School Networking.
It would further require the DHS to research and report back on the overall cyber-risks faced by schools.
Scott said: "The safety of our schools is always my top priority, and that includes protecting the information of our students and teachers. I’m proud to sponsor the K–12 Cybersecurity Act of 2019 to further protect our schools, students and educators, and give them the resources they need to stay safe."
The bill closely mirrors the State and Local Government Cybersecurity Improvement Act, which was introduced to the House in August but has yet to see any action.
According to data collected by Armor, over 1,000 schools in the United States have been affected by ransomware alone in 2019. In Louisiana, Governor John Bel Edwards declared a statewide emergency in July in response to ransomware attacks on three school districts.
It isn't just malware that poses a risk to American schools. In August 2019, a high school in Spotsylvania County, Virginia, wired $600,000 to a fraudulent football field turf provider after being deceived in an elaborate email phishing scam.
"School districts are a treasure trove for cyber-criminals seeking to pilfer valuable information, such as social security numbers and financial information until a ransom has been paid. From January through November of this year, SonicWall detected almost nine million intrusion attempts, demonstrating the tenacity and dedication of online threats and threat networks," commented Bill Conner, CEO of cybersecurity firm SonicWall.
Source: Information Security Magazine