Cybersecurity is a growing concern for Iowa’s public school districts after cyberattacks hit computer networks at Glenwood, Cedar Rapids, Davenport and, most recently, Des Moines Public Schools.
Des Moines’ network was hit over the weekend, prompting the district’s IT staff to take it offline Monday and resulting in school being cancelled for Tuesday and Wednesday, according to the Associated Press. The district announced Tuesday that it would resume classes on Thursday. Students will have to make up the lost time.
Schools now rank fourth as a target of cyber criminals, according to John Stile, chief technology officer for Council Bluffs Community School District, who spoke during the Board of Education meeting Tuesday.
“The threat is real,” he said. “We definitely are a target. Our district tech team works hard each and every day to meet that threat.”
People are also reading…
Cyberattacks and breakdowns can “disrupt education and critical operations; expose sensitive personally identifiable information of students, teachers and staff; and lead to high recovery costs,” Stile said.
The district’s Goal No. 3 is to “Improve and maintain learning facilities.” Part of that is for all classrooms to be equipped with updated technology, Stile said.
That means having good cybersecurity and a dedicated IT staff, he said. It also means protecting financial and personnel records.
Types of cyber threats include the following, he said:
Data breach — Confidential information is leaked or spilled from a secure to an unsecure environment.
Denial of service — A network is paralyzed by deliberately overloading it with requests.
Spoofing/phishing — An email purporting to be from a legitimate organization attempts to lure the recipient into connecting to a link, thereby providing the sender with access to protected systems.
Malware — Illicit software damages or disables devices, servers or networks.
Ransomware — A perpetrator encrypts files in a targeted network, then demands payment of a ransom before allowing the user to regain access to the data.
The district protects against these threats through the following, Stile said:
Maintaining up-to-date firewalls
Using a denial of service protection service
Using endpoint detection and response protection
Using enterprise management server protection
Using the paid Google Workspace
Using a backup system
Getting threat alerts from a multi-state information sharing resource and the Office of the Chief Information Officer of Iowa, which provides weekly updates
The EMS protection monitors devices to show whether operating systems programs and virus protection are up to date, Stile said. It helps the help desk in real time and provides a daily report.
“When something happens and we know something’s going wrong, we can dispatch a tech immediately,” he said.
In November, the IT department conducted a phishing campaign, Stile said. Two emails were sent to all staff members to see if people would click on them. Google Workspace blocked the sample email, so security had to be reduced during the test.
More than 6,000 emails were sent out, and 328 recipients clicked on the emails, Stile said. Of those, only six actually exchanged data with the source. In similar tests, other districts have often had 50% or more click.
“We did really well here in Council Bluffs Schools,” he said.
All of those who clicked were directed to a brief phishing training course.
Besides Google Workspace, Chromebooks themselves have built-in security protection, Stile said. Chromebooks have two operating systems and do not need an outside endpoint detection and response mechanism.
“If, for whatever reason, something has changed the code on the operating core, the machine reboots, and it makes an exact copy of the original, and you’re off and running again,” he said. “That’s essentially, for PCs, what EDR is doing.”
“John has done such a good job of making sure we are protected,” Superintendent Vickie Murillo said.
The IT department last summer banned TikTok, which is not very secure.