Bill Seeks to Provide Federal Support for K-12 Schools Against Cyberattacks
Legislation reintroduced by House lawmakers would give K-12 institutions federal support to thwart cyberattacks, which have become rampant amid the COVID-19 crisis.
If signed into law, the Enhancing K-12 Cybersecurity Act would appropriate $20 million over the next two years to support a K-12 Cybersecurity Technology Improvement Program. Headed by the Cybersecurity and Infrastructure Security Agency, the program would protect school networks from security risks, The Hill reported.
CISA would also be required to stand up an in-house cybersecurity incident registry to track cyberattacks on K-12 institutions and start a cybersecurity incident exchange program to promote the sharing of best practices among schools.
An earlier version of the bill, which was snubbed in the House, mandated the National Science Foundation to lead infrastructure and cyber workforce improvements across K-12 schools.
Changes made to the bill, including language allowing for more collaborative information sharing between schools, came about after lawmakers factored in stakeholder feedback.
Leading proponent Rep. Doris Matsui said the bill provides a roadmap for defending schools from escalating cyberattacks.
“Cyber threats have been on the rise across the nation, causing massive disruptions to critical institutions,” Matsui told The Hill.
Other bill sponsors include Reps. Jim Langevin, John Katko and Andrew Garbarino.
K-12 schools have been a prime target by ransomware attacks as they are more likely to pay ransoms to decrypt systems and continue with classes.
A March report from SecureWorld notes that the five most common types of incidents in K-12 institutions are ransomware attacks, denial of service, data breaches or leaks and phishing attacks.
“Zoom-bombing” incidents, which subject online meeting users to unwanted and often inappropriate content, have also been a problem for schools. In May 2020, FBI officials received 240 reports of Zoom disruptions depicting child sexual abuse material.
Tags: Andrew Garbarino CISA cyberattacks Cybersecurity and Infrastructure Security Agency Doris Matsui Enhancing K-12 Cybersecurity Act Jim Langevin John Katko K-12 schools ransomware The Hill Zoom-bombing