The State of K-12 Cybersecurity: 2020 Year in Review

The State of K-12 Cybersecurity: 2020 Year in Review report is a joint product of K12 SIX and the K-12 Cybersecurity Resource Center based on data from its K-12 Cyber Incident Map, the definitive source of data on publicly-disclosed U.S. public K-12 cyber incidents.

The report tracked 408 incidents spanning denial-of-service, ransomware attacks and data breaches, among other threats. This is an 18% rise over incidents disclosed in 2019. Of the incidents, data breaches represented 145 cases, with at least 75% of all breaches the result of vendor penetration.

While the overall number of reported ransomware attacks decreased, the severity of attacks in 2020 increased. Threat actors continued to amend tactics to include data theft for leverage in ransoms, and ransoms rose to over $1 million per incident in some cases. Additionally, with the added impact of COVID-19, ransomware incidents causing school closures tripled from the prior year.

Incidents of spear phishing continue to impact K-12 school districts, with $2 million the median amount of money stolen per case, since 2016.

For more data and a more extensive breakdown of the threat and impact of cyberattacks against K-12 schools, you can download a copy of the report through the link here: https://k12cybersecure.com/year-in-review/