Central Rivers Area Education Agency held a cybersecurity summit at it headquarters. Superintendents, information technology specialists, business managers and public relations staff were invited to attend.
"It makes me sad we're talking about this in education," said Sarah Nelson, the agency's director of IT and special programs. "It's not about 'if' but 'when.' We can be confident when it happens that we know what to do."
Aaron Warner, the chief executive officer of Iowa-based cybersecurity and compliance firm ProCircular, said in his keynote address that kindergarten through 12th-grade schools are becoming increasingly targeted because hacks are time sensitive.
"They know when you have thousands of students coming back on Monday and they hit you on Saturday, they know you're more likely to pay," Warner said. Hackers will gain access to systems and commonly require the computer users to pay in order to get their system and information back.
Warner said there is valuable data within school systems, such as information about both students and faculty. Such information for people under the age of 18 is very valuable, he noted. They most likely have no criminal record or tax filings and there's a smaller chance that targeting them will be tracked back as fraud.
Matt O'Brien, the director of technology for Waterloo Community Schools, said the FBI recently put out a specific memo regarding cybersecurity and K-12 schools.
"We've known we're becoming more and more on the radar for nefarious actors," O'Brien said. "Now we've had four large school districts that have had breaches this year that ever cements the realness of the threat and further increases the sense of urgency."
In early January, there was a cyber attack on Des Moines Public Schools which resulted in its buildings closing for three days while officials worked to resolve problems with computer network. On Jan. 24, the district announced it was continuing to fix the issue. The school district is the largest in Iowa, with 30,000 students and 5,000 employees.
In the summer of 2022, the Linn-Mar Community Schools in Marion detected unusual activity on it servers. The district later deemed it a computer breach, or an incident that resulted in unauthorized access to private information.
This happened just a month after the Cedar Rapids Community Schools had its own ransomware attack, which compromised personal information of almost 9,000 current and former employees, according to The Gazette.
The Quad City Times reported that Davenport Community Schools was also affected by a cyber attack in October.
Warner said people can help prevent security breaches by doing regular backups and using two-factor authentication, which will ask for a password and then send a code to a phone or email before granting access to the site. He also reiterated that people should not click risky-looking links or befriend people on social networks who they don't know.
After his presentation, Warner said K-12 schools are a "treasure trove" of information.
"Iowa (AEAs) are doing a good job at taking the subject seriously," he said.
©2023 Waterloo-Cedar Falls Courier (Waterloo, Iowa). Distributed by Tribune Content Agency, LLC.
