FCC announces cybersecurity effort for schools, libraries | News
The Federal Communications Commission has created a $200 million pilot program aimed at improving cybersecurity at schools and libraries across the country.
“Last year, school districts as large as Los Angeles Unified in California and as small as St. Landry Parish in Louisiana were the target of cyberattacks,” FCC Chairwoman Jessica Rosenworcel wrote in announcing the new effort.
While not entirely detailed, the program aims to learn how to improve school and library defenses against increasingly sophisticated ransomware and cyberattacks, according to an FCC news release.
With schools becoming the focus of cyberattacks, the personal information of students, parents and teachers is at risk more than ever.
The three-year program would be the first federal funding stream to help school districts improve security.
The initiative, modeled after the Connected Care Pilot Program and funded through the Universal Service Fund, will work with participating schools and libraries to strengthen cybersecurity measures and improve infrastructure.
“The (program) will allow the Commission to gather data needed to understand better whether and how universal service funds could be used to support the cybersecurity needs of schools,” the release read.
Rosenworcel cited St. Landry Parish to highlight that even smaller school districts are being targeted by ransomware attacks.
In August 2023, St. Landry Parish became aware that its servers and stored data had been encrypted, meaning the information could not be accessed.
A week before, the hacker group Medusa put a $1,000,000 bounty on the data it stole before publishing private and sensitive information like Social Security numbers on the dark web, according to a joint investigation with The 74 and the Acadiana Advocate.
The St. Landry Parish breach is part of an increase in cyberattacks targeting school districts nationally in the past few years. Victims range from rural school systems to those in major metropolitan areas such as Los Angeles, Las Vegas, Minneapolis and suburban Washington, D.C.
In 2023, University of New Orleans, River Parishes Community College, Nunez Community College, Southern University at Shreveport and LSU Agricultural Center were told by state police their networks were possibly attacked.
These attacks also loom under the shadow of the one of largest cyberattack in American history with the attacks on the Office of Motor Vehicles. That attack, known as MOVEit, leaked the information of any Louisiana resident holding a state ID but also had international impacts.
“Schools are target rich environments for cyberattacks, such as ransomware, and are low hanging fruit because they are often resource constrained and lack cyber expertise. Bad actors know this, and take advantage of it,” FCC Commissioner Geoffrey Starks wrote in a report.
In 2023, the education services sector experienced more than 1,700 attacks, up 258% from 2022.
These attacks can take schools offline for several days and sometimes weeks. The disruptions lead to children losing out on valuable learning time at best and their private information being readily available online at worst.
“This situation is complex. But the vulnerabilities in the networks we have in our Nation’s schools and libraries are real — and growing. So today we are doing something about it,” Rosenworcel wrote.
