Published Friday, October 8th, 2021 | 14 o’clock
Updated Friday, October 8th, 2021 | 3:36 pm
A hacker released Clark County School District records, including employee social security numbers and student names, addresses, and grades, following a ransomware attack on the school system in August 2020.
The bipartisan K-12 Cybersecurity Act of 2021, enacted today by President Joe Biden, will provide resources to school districts to help them protect themselves from cyberattacks.
“We can do this best when we get together,” said Senator Jacky Rosen, D-Nev., Who helped fund the law after the attack on the Clark County School District, the fifth largest school district in the United States. “It will instruct the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to provide an in-depth look at the vulnerabilities in school districts across the country.”
The agency will investigate the challenges schools face in keeping their information systems and sensitive student and employee files secure, the bill states.
“Cybersecurity issues have hit public schools across the country, and CCSD is working to ensure that the information of our students, their families and the county staff is safe from cyber criminals,” the county said in a statement.
The criminal data breach against CCSD is “unacceptable,” said Rosen. After the district refused to pay a ransom, the hacker published the sensitive documents on the Internet.
Other vulnerable units across the country have also been the victims of ransomware attacks, which are more common, Rosen said. In such attacks, hackers lock computer data and demand a ransom to release it.
In 2020, 1,681 schools, colleges and universities in the US and 560 healthcare facilities were victims of ransomware attacks, according to Emsisoft Malware Lab.
The University Medical Center reported a hacking incident this summer that affected approximately 1.3 million people. Victims’ driver’s license, social security and passport information were compromised when hackers accessed a server, officials said in June.
“We have to do everything we can to make sure we are proactive in this,” said Rosen.
Over the next year, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will be providing information to superintendents across the country on resources and online tools for defense against attacks.
School staff can also attend webinars and presentations to protect themselves through measures like changing passwords, Rosen said.
Rosen said she has some other cybersecurity bills in the pipeline, including one that will help protect the country’s power grid and other infrastructure.
Another bill provides for cyber training for the junior reserve officer training corps.
Rosen and other senators also introduced a bipartisan resolution dubbed this month National Cybersecurity Awareness Month, which the resolution said aims to raise awareness and improve the state of cybersecurity in the country.
“Many aspects of our daily life depend on the Internet,” said Senator Bill Cassidy, R-La., Who also introduced the resolution. “Cyber Security Awareness Month is a reminder that we must constantly improve our defenses against new cyber threats.”