Thousands of Students Forced to Stay Home Amid Cybersecurity Incident
Thousands of students in New Jersey were unable to attend school Monday after a cybersecurity incident caused technical difficulties across the Freehold Township School District, administrators said.
Superintendent of Schools Neal Dickstein sent an email to families late Sunday night announcing that classes were canceled for the entire district, which includes an early childhood learning center, five elementary schools and two middle schools. Dickstein cited “technical issues related to a cybersecurity incident” and said the district “retained outside IT expert consultants who are working around the clock to assess, contain, remediate, and fully restore operations.”
Further details surrounding the incident and its potential impact on the district’s network environment were limited, and it remained unclear if Freehold Township schools would reopen by Tuesday. But the situation has raised fresh concerns that U.S. school districts could be increasingly vulnerable to cyberattacks as ransomware groups launch new campaigns against the education sector.
Schools and academic institutions have long been seen as a top target among criminal hackers. The Cybersecurity and Infrastructure Security Agency and the FBI issued an alert in 2020 that said cyber actors “view schools as targets of opportunity” and warned that attacks against K-12 educational institutions would likely increase, leading to theft of data, ransomware attacks and the disruption of distance learning services.
The federal government also warned that K-12 schools faced significant cybersecurity vulnerabilities due to resource constraints and a lack of security personnel and technical expertise. The White House hosted its first-ever cybersecurity summit for K-12 schools in August, where Deputy National Security Advisor for Cyber Anne Neuberger warned that academic institutions were increasingly at risk.
“Last school year, schools in Arizona, California, Washington, Massachusetts, West Virginia, Minnesota, New Hampshire and Michigan were all victims of major cyberattacks,” Neuberger said.
The administration sought to get ahead of ransomware attacks for the current school year by issuing a slate of new initiatives. It launched a new government cybersecurity council led by the Department of Education, and CISA announced plans to train 300 K-12 entities over the year (see: White House Pushes Cybersecurity Defense for K-12 Schools).
Reports indicate the rate of ransomware attacks targeting K-12 schools in the U.S. is soaring, and the education sector faced a 70% surge in attacks throughout 2023, according to security research firm Malwarebytes Labs.
Michael Amoroso, president of the Freehold Township Board of Education, told reporters Monday that “there’s an ongoing investigation” and added: “We’ll certainly make an announcement about [Tuesday] when the time comes. There are people working on it throughout the day.”