NewsLocal NewsInvestigations

Actions

Behind the scenes: How Kansas City area school districts train for cyberattacks

Global cyberattack: A super-simple explanation of what happened
Posted
and last updated

BLUE SPRINGS, Mo. — You’ve likely heard about hackers targeting our schools after the fact, but what’s being done to prevent a cyberattack that could put your child’s personal information at risk?

The KSHB 41 I-Team was given a behind the scenes look at how some Kansas City area school districts train for cybersecurity threats.

What’s called a “tabletop exercise” is put together by the Missouri Office of Homeland Security.

“For me, it’ll only make us grow stronger,” Lt. Michael Russell with the Blue Springs School District Department of Public Safety said.

The program uses federal homeland security funding. The exercises are relatively new and only began in December of 2021.

“It kind of gauges where we’re at in the cybersecurity field,” Lt. Russell said.

Director for the Missouri Office of Homeland Security Kylie Dickneite said one of the most common attacks is through phishing emails.

“A lot of times now they’ll use social engineering to really customize the emails to look real for the audience that they’re sending them to in hopes of them thinking it’s real, click on the link, and then they are able to get inside their networks,” Kylie Dickneite, Director for the Missouri Office of Homeland Security said.

At the training, they practiced a scenario that involved a hacker targeting a third-party vendor through a phishing email. It’s a way for them to get access to a district’s networks and systems once someone clicks on the scam email.

The hackers then cause network access issues and install ransomware.

“What we try to do is be force multipliers out there in the communities and help them train and practice this stuff ahead of time so that way they have a better chance of surviving an incident afterwards,” Dickneite said.

The Cybersecurity and Infrastructure Security Agency, CISA, works with the Missouri Office of Homeland Security.

“If you disrupt a school system, you’re disrupting an entire community and everything that goes on in that community,” Phil Kirk, regional director for CISA said.

Kirk explained why school districts are a target.

“It’s hard to say what the motivations are, but often times, it’s driven by either political motivation, financial motivation, which is normally the case,” Kirk said.

We’ve seen instances of hackers demanding money from school districts.

In the spring of 2021, the Park Hill school district said hackers tried to steal the district’s files and information, then sell it back.

The district had a backup and recovered everything without paying a ransom.

Not all districts are that prepared.

Kirk described the biggest mistakes school districts make.

“It depends on the school district, but some of the things that we see is a lack of planning. This is a threat that’s real and we’re seeing that across our country,” Kirk said.

Since 2019, nearly three dozen school districts in Missouri reported some kind of data breach, according to the Missouri Department of Elementary and Secondary Education.

Most did not involve ransomware.

In Kansas, it’s unclear how many districts had a data breach because they don’t have to report them to the state.

With how much we rely on technology, the CISA regional director said districts should have a plan.

“Pretty much everything in this day and age is connected so we would argue everything should be protected,” Kirk said.

Kirk recommended districts use multi-factor authentication, update security software and hardware regularly, and have strong passwords.

Kirk reiterated districts should never pay a ransom if a hacker demands one.

“We hope that there’s not a significant number of people who are just paying the ransom and moving on,” Kirk said.

The I-Team found out cyberattacks can cost districts a lot of taxpayer money.

A recent federal report said they cost some districts anywhere from $50,000 to $1 million.

That amount of money factored in deductibles for cyber insurance, enhancing cybersecurity to prevent future attacks, and replacing hardware.

“We know it’s been a threat, but I just think more and more we’re hearing about it in the news and so it has those top administrators at schools kind of laying awake at night wondering when it’s going to happen to us,” Dickneite said.

It’s why districts like Blue Springs want to be prepared now.

“Everyone at that table is going to learn something,” Lt. Russell said.


The KSHB 41 I-Team thrives on tips from the community. Do you have a tip on this story? Send us an email at investigators@kshb.com.