%20(1).svg){kind=small}
Fear is a common tactic used by businesses to make sales. If you can convince someone their house...
%20(1).webp?width=960&height=480&name=Phishing%20vs.%20Fishing%205%20Tips%20to%20Protect%20Your%20Business%20%26%20Top%20NWA%20Fishing%20Spots%20(5)%20(1).webp)
Details are still scant at the time of writing, but here's what we know: an unnamed "cybersecurity incident" is impacting Fort Smith Public Schools (FSPS). On July 21, FSPS made the following announcement on Facebook:
As the post reads, "Fort Smith Public Schools is experiencing a cybersecurity incident impacting our phone and internet systems districtwide. Currently, all communication systems, including phone and internet, are unavailable. We appreciate your patience and understanding as we work through this situation."
Quite a disruption. "All communication systems."
The school district followed up with this announcement on July 25:
According to 5News, "There is currently no confirmation on whether the incident is due to an outside cybersecurity attack or if it is an internal incident..." However, Talk Business & Politics is already calling the incident a "cyber attack."
As of right now, school officials don't expect the incident to impact the start of school — which is less than a month away.
Following a forensic investigation of the causes, the district is bringing communication systems back online. "...We are actively reinforcing and restoring our security systems to ensure a safe and stable environment," the July 25 Facebook post states.
But maybe it feels like you've heard this story before? As careful observers of the local IT/cybersecurity space, I know we have. Schools, colleges, and local governments, including such institutions in our region, are unfortunately no strangers to "cybersecurity incidents." And, as far as incidents go, cyberattacks garner a whole lot of headlines these days.
We've even written about some of the cyberattacks that have specifically targeted local schools and governments:
- The Little Rock Public School District
- Crowder College in Neosho, Missouri
- The City of Joplin, Missouri
- Central Baptist College in Conway, Arkansas
- The City of Bella Vista, Arkansas
And there are many — oh, so many — other examples of cybercriminals going after schools, colleges, and cities.
Which may lead you to ask a simple but important two-word question: What gives?
A Dangerous Error in How We Think About Cyberattacks
First, it needs to be stressed: cyberattacks are all around us. Six-hundred million per day, according to Microsoft. This means cyberattack prevalence extends well beyond — well beyond — the high-profile cases we see in news headlines.
It would be a fundamental and even dangerous mistake to think the work of cybercriminals is limited to only the cases we read about online or hear on the news.
Which leads to another point...
There Are Reasons We Don't Hear About More Cyberattacks
The ugly truth is, businesses of all shapes and sizes are in the crosshairs of cybercriminals. And many of these attacks — more than the headlines suggest — are indeed successful infiltrations by hackers.
In other words, a bad actor was able to access the system in an unauthorized manner — and perhaps access sensitive information or steal data or even collect a ransom in the thousands or millions of dollars. But for many of these organizational victims (for instance, small and medium-size businesses), there is no law requiring them to report the "cybersecurity incident."
Other organizations may be forced to report cyberattacks out of sheer necessity. For example, users can't access their services and, thus, the organization has to provide an explanation.
Schools, colleges, and governments generally fall into this category — required by law or necessity to report a cyberattack.
But many other organizations have the option to stay quiet following an attack.
As we've asked before, "If you owned a business, would you voluntarily inform customers, media, and the like that you were attacked if you weren't required to?" That's the wrong kind of publicity; enough to keep many SMBs hush when cybercriminals successfully attack their systems.
Additionally, many attacks — even successful attacks — are never detected by SMBs with rudimentary (or essentially no) cybersecurity measures in place. There was an attack; someone has accessed their network. The business just never knew it.
All that to say this: It's an error to conclude that cyberattacks happen to only or even mainly schools, colleges, and city governments. As seen, we're just more likely to know about the attacks on, say, public schools.
Yet, schools are uniquely vulnerable.
Let's explore why.
Why Are Arkansas Schools Often Targeted for Cyberattacks?
Again, we know few details of the FSPS attack, specifically.
But, we do know that schools are often targeted by cybercriminals, especially ransomware attacks. In 2022, the U.S. Government Accountability Office (GAO) issued the following warning:
In recent years, cyberattacks on K-12 schools have increased. Not only do these attacks disrupt educational instruction and school operations, they also impact students, their families, and teachers.
Emphasis on "have increased."
Indeed, between July 2023 and December 2024, a whopping 82% of K-12 schools sustained a cyber incident in some form, according to the Center for Internet Security (CIS). The CIS called schools "prime targets for cybercriminals."
The top threats? Ransomware, phishing and social engineering, data breaches, denial-of-service attacks, and malvertisements.
But why? Why the increase? Why are schools "prime targets"?
Let's look at just four reasons for this phenomenon:
%20(1).webp?width=960&height=240&name=5%20(5)%20(1).webp)
Limited Funds & Resources
Which do you think sounds like the more compelling argument for tax expenditures?
- We need to spend thousands (even hundreds of thousands) of dollars because our school may be targeted for cyberattack?
- We need to spend thousands/hundreds of thousands because we were attacked?
Given the political optics, it may be easier for schools and governments to be reactive than proactive vis-a-vis cyberattacks.
Which, of course, seems backwards. But political realities are political realities.
Consequently, many schools and their strained budgets may feel pressure to prioritize other things ahead of proactive cybersecurity measures. As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned, "School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk."
Most vulnerable? Schools with "constrained resources" and "limited cybersecurity capabilities."
On the other hand, from the cybercriminal's POV, school districts — for reasons you're about to see — have also been known to pay rather large ransoms in the wake of a ransomware attack. The Little Rock School District, for example, paid a ransom of $250K.
Which goes back to the proactive vs reactive dilemma. Politically, it may be easier for schools to pay $250K reactively (because cybercriminals are threatening to release sensitive data) than proactively (because bad actors might stage an attack).
When hackers see a vulnerable system, perhaps due to a constrained budget, in the case of many schools, and the possibility of a nice payday — that fits the bill for an ideal target.
This shouldn't surprise us. We also know a great many cyberattacks pick on small businesses. Who often, like schools, are apprehensive to invest the necessary funds in safeguarding against attack —regardless of how prevalent those attacks are.
Technology Explosion
Education has become a much more high-tech affair. Especially in 2020, when COVID forced so much remote learning.
Think of all those — as we in the IT industry call them — endpoints. Every laptop, phone, printer, scanner, whatever...is an infiltration point where cybercriminals can gain access.
"It’s a growing problem that’s now tougher to tackle as districts lean further into the use of technology...To complicate matters, districts became much more reliant on technology during the pandemic, when they handed out millions of digital devices for remote learning, set up WiFi hotspots around their communities for students to access, and dramatically increased their use of online programs and apps for instruction."
Or as the GAO said, "The scale and number of attacks increased during COVID-19 as more schools moved to remote learning and increased their reliance on IT services."
And not just the technology of the schools themselves.
Bad actors also target the technology providers themselves — which may store troves of data about a school's students, families, and personnel. Need a very recent, very nearby example? Read what the Superintendent of Joplin Schools wrote when someone with a "compromised credential" accessed sensitive data from one of the school's technology providers, PowerSchool.
%20(1).webp?width=2000&height=500&name=6%20(4)%20(1).webp)
Loads of Confidential Data
Moreover, schools often retain massive amounts of data. Sensitive data. Data you really wouldn't want being exposed. Data, and this is the clincher for many cybercriminals, that you might even pay hundreds of thousands or millions of dollars to prevent from being released.
As the CISA wrote, "K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers." Furthermore, as EducationWeek pointed out: "And in most cases these days, nearly every computer system that stores data—from gradebooks to door locks to salary information—relies on some sort of online network that is capable of being hacked."
A lot of confidential data + In a lot of places = Prime cyberattack target.
Under Pressure to Deliver
We just expect schools to deliver. Parents, politicians, media, even the students themselves — all have expectations.
Cybercriminals can use this pressure to their advantage. Another reason public schools are preferred targets.
For instance, when school is scheduled to start, school — you know — really needs to start.
So is it any wonder that bad actors often unleash attacks on schools, as may be the case with Fort Smith schools, just weeks or days before the start of a new academic year? It shouldn't be, because the urgency of a new school year may further incentivize school districts to pay ransoms which, in turn, further incentivizes cybercriminals to stage the attacks in the first place.
And, indeed, there is empirical evidence, and a lot of anecdotal evidence (e.g., headlines), that the back-to-school season is also cyberattack-season on the public school system. A report from the Center for Internet Security found cybercriminals:
"...may increase attacks during specific times of the school year. Threat actors appear to ramp up the intensity of their attacks during the beginning of the school year, the mid-term period, and the very end into the summer."
Schools are expected to deliver. And these expectations can, under certain circumstances, play right into hackers' hands.
Big or Small — No Organization is Safe From Cyberattack
We're tired of the cybercriminals winning. We're especially tired of their egregious attacks on our schools.
There are ways to fight back; there are ways to safeguard.
Whether you use cybersecurity services from TekTrendz or not, defend against cyberattack — with professional-grade, expertly-managed security measures.
We get it, though: Many businesses don't know where to begin — and you're busy with other things.
We're here to help. Just click below for a free, no-pressure cybersecurity consultation with local IT experts...
...who really care. About your business, and about beating cybercriminals at their own game.
%20(1).webp?width=2000&height=500&name=7%20(2)%20(1).webp)
