October 20, 2020

Volume X, Number 294

October 19, 2020

Subscribe to Latest Legal News and Analysis

Think a Cyberattack Will Never Happen at Your School? Think Again, and Plan Accordingly.

Imagine that it is the first day of school, and you go to log-in to your computer. You are denied access to the system. You get up from your desk to see if your colleague is having the same issue. Before you can say a word, your colleague says "No one can get on the network! IT says we have been attacked with ransomware."

As hard as that scenario might be for you to believe, situations like it have been occurring more frequently across the country. School districts are now a more common target of cybercriminals.

Why Would Schools be a Target?

School districts maintain troves of private data. That maintenance of data, coupled with potentially scarce resources to fend off intruders, makes school districts a more common target of cyberattacks. Recent attacks have occurred from New York to Louisiana, and places in between.

When attacks occur, cybercriminals have either harvested data to sell to identity thieves or used ransomware. Ransomware shuts down access to the target's network, until payment is received by the cybercriminal.

Key First Step

A key first step in addressing the threat of a cyberattack is both simple and challenging: Acknowledge that cybercriminals may target your school district. Without that key first step, school districts run the risk of overlooking the practical steps that may be taken to mitigate risks associated with a cyberattack.

Typical Source of the Problem

Cyberattacks come in many forms. However, one common origin for such attacks is through one unsuspecting person clicking on a link in a deceptive email.

Remember the enormous data breach that impacted 41 million Target customers?  That attack started with a deceptive email sent to one of Target's heating and cooling vendors. It was not even one of Target's employees that was fooled into clicking a nefarious link. It was an employee at one of Target's vendors. Nonetheless, the cybercriminals used that deceptive email as their entry point.

Steps to Prepare for the Attacks

The takeaway here is that everyone needs to be aware that cybercriminals may be targeting them, and vigilant about not falling for the latest schemes.

School districts can mitigate their risks associated with cyberattacks by confirming they have adequate cyber insurance coverage and making efforts to educate all users of their networks about best practices associated with technology usage.

©2020 von Briesen & Roper, s.cNational Law Review, Volume IX, Number 246


About this Author

James Wawrzyn, von Briesen Roper Law Firm, Milwaukee and Waukesha, Corporate and Healhcare Law Attorney

James Wawrzyn counsels clients on commercial contract negotiation, mergers and acquisitions, supply-chain alternatives, and general corporate matters. James collaborates with clients to identify and implement their priorities. For each project, James has a results-oriented approach. He continuously engages the stakeholders to recognize and actively address obstacles to finalizing priority items.

James is skilled in the preparation and negotiation of technology-based agreements such as master services, development and licensing...