Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Subscribe
Products & Solutions

The FCC’s Cyber Program: Strengthening America’s Cybersecurity Through K-12 Schools and Libraries

JEFFREY ADORNO, JEREMY JAMES, GREG BUCHANAN
October 10, 2024 - 5 min read
Ransomware

Contents

  1. Introduction
  2. Ransomware
  3. Phishing Attacks
  4. Malware
  5. Data Breaches
  6. The FCC's Schools and Libraries Cybersecurity Pilot Program
  7. Conclusion
  8. More blogs

The Federal Communications Commission’s (FCC) Cybersecurity Pilot Program is leveling the playing field for K-12 education institutions to press on the gas toward zero trust and make the paradigm shift to modernized cybersecurity.

Education’s digital transformation and our mobile-first world have brought unprecedented levels of technology, connectivity, and unfortunately predatory sophisticated threats to America’s schools and libraries. Below is a snapshot of cyberthreats targeting K-12.

Ransomware

Targeted ransomware attacks: The ThreatLabz team reported a 25% increase in ransomware attacks on K-12 schools in the first half of 2023. Attackers exploited outdated software and insufficiently protected remote access points. 

Ransom demands and impact: The average ransom demand reported in these attacks was approximately $150,000, with some demands exceeding $500,000. Schools faced significant disruptions, sometimes taking weeks to fully recover.

Ransomware attacks by industry
Ransomware attacks by industry

 

Phishing Attacks

Rise in phishing campaigns: In 2023, Zscaler's ThreatLabz detected a 40% increase in phishing attacks targeting the education sector compared to the previous year. The campaigns often used themes related to school administration and student information to lure victims. 

Credential harvesting: Many of these phishing attacks aimed to harvest credentials for remote learning platforms and school administrative systems.

Malware

Increase in malware variants: There has been a noticeable rise in the variety of malware targeting K-12 institutions. ThreatLabz reported that educational institutions faced a 35% increase in malware attacks in 2023, including trojans, spyware, and adware. 

Delivery methods: These malware attacks were frequently delivered through phishing emails and malicious websites designed to mimic educational resources.

Data Breaches

Exposure of student data: In 2023, ThreatLabz identified several significant data breaches in K-12 schools, with student and staff personal information being exposed. These breaches were often the result of successful phishing attacks or exploitation of unpatched vulnerabilities. 

Impact of breaches: The breaches led to the exposure of sensitive information, including student names, addresses, social security numbers, and academic records, affecting thousands of individuals. 

 

To address these concerns, the FCC has announced a groundbreaking initiative—the Schools and Libraries Cybersecurity Pilot Program. As a cybersecurity staple for over 400 public sector organizations including several of the largest K-12 school districts in the country—and a key partner at all levels of US state, local and federal government—Zscaler is positioned to play a pivotal role in enhancing cybersecurity for educational institutions.

The FCC's Schools and Libraries Cybersecurity Pilot Program
 

Overview 

The FCC's Schools and Libraries Cybersecurity Pilot Program bolsters the America’s K-12 schools and public libraries’ cybersecurity posture across our nation. Recognizing the unique vulnerabilities and limited resources these institutions often face, the FCC aims to provide financial assistance and expertise to help them secure their digital environments. 

Objectives 

  • Enhance cybersecurity infrastructure: 
    Provide schools and libraries with the necessary tools and technologies to protect against cyberthreats. 
  • Increase awareness and education: 
    Promote cybersecurity awareness and best practices among educators, librarians, students, and staff. 
  • Facilitate collaboration: 
    Encourage collaboration between educational institutions, cybersecurity experts, and government agencies to share knowledge and resources. 

Funding and Implementation 

The pilot program will allocate funds to eligible schools and libraries to support various cybersecurity initiatives, including:

  • Purchasing and implementing advanced cybersecurity solutions 
  • Conducting cybersecurity training and awareness programs 
  • Hiring cybersecurity professionals or consultants 
  • Developing and executing comprehensive cybersecurity plans 

How Zscaler Can Enhance Cybersecurity in Schools and Libraries 

As a leading cloud security company, Zscaler surpasses cyber rubric requirements and future proofs K-12 to fight against nextgen cyberthreats. Here’s just a few ways Zscaler can support the FCC's pilot program and enhance the security of educational institutions: 

  • Consult on Cybersecurity Plans while aligning to zero trust-compliant solutions and FCC Cyber Pilot funding requirements 
  • Improve K-12 whole-of-state cybersecurity via a zero trust architecture in a shared services model through a multitenant cloud security platform 
  • Provide zero trust architecture solution education that can support selecting the right solution for the application process 
  • Educate stakeholders on the positive impacts of a zero trust architecture, i.e., cost benefit, IT operations improvement, mitigated risks, etc. 
  • Solution architects to map out a multi-year transition to a zero trust architecture 
  • Business value team to construct cost/benefit analysis 
  • Risk assessment to identify high priority cyber risk vulnerabilities 
  • Provide zero trust-compliant solutions

Conclusion

Educational institutions face mounting pressure as the fourth-most affected sector by ransomware. Between April 2023 and April 2024, educational organizations were hit by 217 ransomware attacks, marking a year-over-year increase of more than 35%. This surge highlights a troubling trend: cybercriminals are progressively targeting schools, colleges, and universities—and their troves of sensitive student data. 

The FCC recognizes these threats have sounded the alarm with the Schools and Libraries Cybersecurity Pilot Program which represents a significant step forward in not only safeguarding vital educational institutions’ digital environments but also protecting America’s future, literally. By providing financial support and promoting collaboration, the program aims to address the unique cybersecurity challenges faced by schools and libraries. 

Zscaler, with its comprehensive cloud security platform and expertise, is well-equipped to help these institutions enhance their cybersecurity posture. From advanced threat protection to secure remote access, Zscaler's solutions provide the robust security needed to protect against cyber threats, ensuring safe and secure learning environments. 

As schools and libraries strengthen their cybersecurity defenses, partnering with Zscaler provides K-12 with cyber protection tech tools, modern knowledge, and gold-standard support needed to fight global cyberbullies (pun intended). Together, we can create a safer digital future for our educational institutions. 

Visit our education page and reach out to Zscaler to schedule a conversation about how we can support your school.

form submtited
Thank you for reading

Was this post useful?

vote yes
Yes, very!
vote no
Not really

Explore more Zscaler blogs

NYC DOE Blog
NYC Department of Education Builds the Pipeline for Future Cybersecurity Professionals
Read post
Ransomware Attacks on Healthcare, Education, and Public Sector
5 Key Takeaways: Ransomware Attacks on Healthcare, Education, and Public Sector
Read post
Students at Lafayette School - Photo Credit: Skansa
How to Stop K-12 Ransomware Attacks with Zero Trust
Read post

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.