IBM has awarded a total of $3 million in grants to US school districts to bolster their defenses against ransomware operators.
All United States public K-12 school districts were eligible to apply for the grants, designed to help school officials "proactively prepare for and respond to cyberattacks."
The grants, worth $500,000 each, have been awarded to school districts in Florida (Brevard Public Schools), New York (Poughkeepsie City School District), Georgia (KIPP Metro Atlanta Schools), Texas (Sheldon Independent School District), California (Newhall School District), and Colorado (Denver Public Schools).
IBM says that applicants were judged on their "cybersecurity needs and experiences, community resources and potential risks."
The IBM Education Security Preparedness Grant will sponsor IBM Service Corps, a group established in 2008 that will visit districts and review their current cybersecurity postures, as well as create assessments to identify "pain points" that need to be addressed to deal with ransomware.
Ransomware is a form of malware that in recent years has proved to be an extremely lucrative avenue for cyberattackers. If an intrusion and infection occur, victims will find themselves locked out of their systems and faced with a blackmail demand, usually in cryptocurrency and reaching millions of dollars, in return for a decryption key.
This key may or may not work, and if victims refuse to pay, they may also be faced with a double-extortion tactic -- in which any confidential data stolen during the initial stages of a ransomware attack will be leaked online or sold unless they bow to the cybercriminals' demands.
We've seen just how disruptive these attacks can be through the global WannaCry outbreak, and more recently, a ransomware outbreak on Colonial Pipeline's networks that caused fuel shortages as well as the impact on patients of Ireland's health service, which has also been targeted by ransomware operators.
When it comes to schools, 2020 was a "record-breaking" year for cyberattacks, according to the K-12 Security Information Exchange. In the organization's latest report on K-12 security, the group says that attacks have highlighted "significant gaps and critical failures in the resiliency and security of the K-12 educational technology ecosystem."
IBM says that the applications received revealed there is a massive disparity in cybersecurity budgets, with half of school districts able to raise less than $100,000 for cybersecurity spending -- an especially problematic fact for smaller districts, which face the same cybersecurity challenges as larger districts able to raise millions of dollars.
Over 7,800 US schools and over 4 million students were represented in the applications. In total, over 40% of districts said they had already suffered a ransomware attack, and over 55% of school districts have no security training programs in place.
The grant receivers will begin working with IBM this summer.
"It's extremely encouraging to see how many school districts are taking an active role in trying to better their cybersecurity," said Christopher Scott, Director of Security Innovation, Office of the CISO at IBM. "This is not only an important decision as schools continue to operate remotely, but also as students look to get back to the classroom."
Previous and related coverage
- DarkSide explained: The ransomware group responsible for Colonial Pipeline attack
- Ransomware: Two-thirds of organisations say they'll take action to boost their defences
- Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys them instead
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0