Aug. 7 (UPI) — The White House on Monday announced a plan to strengthen cybersecurity in public schools amid a growing number of ransomware attacks targeting districts across the country.
Administration officials — including first lady Jill Biden, Education Secretary Miguel Cardona, and Homeland Security Secretary Alejandro Mayorkas — will sit down at the White House Monday with a host of school administrators, teachers, big tech executives, and technology experts to discuss the growing need for better digital security in the nation’s schools.
The talks were intended to reinforce best practices to prevent cyberattacks, and to present new resources that would shore up data security in more than 13,000 school districts across America, the White House said in a statement.
“The commitments made today will help ensure the nation’s schools are in the best position to secure their networks to keep their students, educators, and employees safe,” the White House said.
As part of the effort, several private companies have already agreed to provide free and low-cost resources to school districts, including $20 million from Amazon Web Services to establish a K-12 cyber grant program for all districts, providing free security reviews and training, as well as no-cost cyberattack response assistance.
Google has also released an updated K-12 Cybersecurity Guidebook to ensure the security of Google hardware and software applications used in schools.
Other cloud-based K-12 software providers, including Cloudflare and PowerSchool, have vowed to support the government’s initiative through free and subsidized security services.
The growing effort comes as at least eight K-12 districts nationwide were hit by cyberattacks during the past year — including at least four major hacks that forced schools to shut down for days if not weeks, the White House said.
In those cases, hackers stole sensitive personal information, including student grades, medical records, documents on home and behavioral issues, and personal financial data, as well as employee information.
Confidential information about school security systems was also swiped and leaked online.
A typical cyberattack lasts three days to three weeks, with school systems needing anywhere from two to nine months to get back to normal operations, according to a report from the U.S. Government Accountability Office.
Losses generally range from $50,000 to $1 million.
Last month, the Federal Communications Commission announced a program under the Universal Service Fund that will provide up to $200 million over three years to strengthen cyber defenses in K-12 schools and libraries.
Additionally, the Education Department will establish the Government Coordinating Council, which will be responsible for coordinating policy and collaboration between the federal government and local-level education leaders.
“The GCC will be a key first step in the Department’s strategy to protect schools and districts from cybersecurity threats and for supporting districts in preparing for, responding to, and recovering from cybersecurity attacks,” the White House said.
Prior to Monday’s meeting, the Education Department and the Cybersecurity and Infrastructure Security Agency released the K-12 Digital Infrastructure Brief, which will serve as a blueprint for educational leaders to build and sustain digital safeguards, specially tailored for each district.
The agency will provide training and hands-on exercises at hundreds of locations throughout the coming school year.
The FBI plans to release an updated resource guide on how to report cybersecurity incidents, as well as how to utilize the Justice Department’s cyber defense capabilities.
In July, the White House released a national strategy to address cybersecurity as the administration was investigating a major hacking incident that compromised unclassified emails at the Commerce and State departments in May.
The National Cybersecurity Strategy seeks to make two fundamental changes in the government’s digital security protocols, including a plan to enlist more help from the private sector to mitigate cyber risks, and a program to boost federal incentives to companies that make long-term investments in cybersecurity.