The Highline Public Schools district, which serves more than 17,500 students across 34 schools in Washington State, recently reported a cyberattack on its systems. As a result of the incident on Monday, September 9, all district schools were closed, with no clear indication of when they would reopen. The attack also impacted sporting events and meetings, preventing first graders from starting the school year as scheduled.
The district administration stated that it had detected unauthorized activity within its technology systems and immediately took steps to secure them. Federal and regional cybersecurity experts are currently working to restore normal network operations. The district emphasized that the safety of students remains the top priority, despite the inconveniences for families and staff.
As a precautionary measure, district staff were temporarily prohibited from using work computers and laptops, and internet access in schools was disabled. This limited staff access to essential applications necessary for the safe functioning of schools, although access to email through Office 365 and work phones remained available.
Tove Tapper, the district’s spokesperson, noted that no personal data breaches involving staff or students had been detected, but access to critical systems, such as school transportation management, had been affected. Tapper stressed that restoring access to these systems is particularly important at the start of the school year.
Cyberattacks on schools have become increasingly common in many countries, particularly at the beginning of the academic year, when institutions are most vulnerable. Earlier this year, a school in Essex, UK, was similarly forced to close just before important exams due to a ransomware attack that locked access to its IT systems.
Security experts explain that the start of the school year presents an opportune time for hackers seeking to pressure schools into paying ransoms quickly. In their view, attacks on educational institutions during critical moments are akin to cyberattacks on other industries during periods of peak activity.
Don Smith, Vice President of Secureworks, remarked that even with limited resources, schools can defend against cyber threats. He emphasized the importance of regularly updating network systems and implementing multi-factor authentication to strengthen the cybersecurity of educational institutions.
