FCC proposes cybersecurity pilot program for schools, libraries as attacks increase

The Federal Communications Commission proposed on Tuesday the creation of a “Schools and Libraries Cybersecurity Pilot Program” that would allow officials to collect data about the cybersecurity and advanced firewall services that would best help K-12 schools and libraries across the country defend themselves from hackers.

Since the beginning of the school year in August, dozens of schools have faced internet and phone outages due to cyberattacks and ransomware incidents, with several having to cancel school days or post notices of stolen data in recent weeks.

“This pilot program is an important pathway for hardening our defenses against sophisticated cyberattacks on schools and ransomware attacks that harm our students and get in the way of their learning,” said FCC Chairwoman Jessica Rosenworcel, who noted that the effort is part of her Learn Without Limits initiative which is designed to ensure high-speed internet connectivity in schools and libraries.

“Protecting our students is a critically important task and one that touches on the mission of several federal agencies. Ultimately, we want to learn from this effort, identify how to get the balance right, and provide our federal, state, and local government partners with actionable data about the most effective and coordinated way to address this growing problem.”

The pilot program would call for up to $200 million in funding over three years to gain more information about which cybersecurity and advanced firewall services will have the greatest impact in helping K-12 schools and libraries protect their broadband networks and data, while also ensuring that limited Universal Service Fund (USF) funds are being utilized in the most effective manner.

The pilot program would also provide funding to eligible K-12 schools and libraries to defray the qualifying costs of receiving the cybersecurity and advanced firewall services needed to protect their FCC-funded broadband networks and data from the growing number of school and library-focused cyberattacks.

In a 74-page planning document, the FCC said interested schools and libraries would apply to be a pilot participant, and once selected would receive a funding commitment and could begin to receive equipment or services and submit invoices for reimbursement.

Several government initiatives have kickstarted this year to address the spate of cyberattacks that continue to spill troves of sensitive information about the nation’s students onto the dark web.

Rosenworcel said the attacks “have affected districts across the country, including in California, Iowa, New York, and Wisconsin.”

“Schools in these states have been targeted with ransomware attacks, resulting in everything from network malfunctions to student privacy vulnerabilities to unexpected expenses to get their systems back online,” she said.

“The Federal Communications Commission has a role to play here. That’s because these cyberattacks can undermine the connectivity that schools and libraries count on day-in and day- out.”

She added that the “scale of recent cyberattacks on these institutions suggests that this is a problem that is too big and complex for one agency to handle alone.”

In October, parents of students within Clark County School District in Las Vegas were alarmed when hackers contacted them claiming to have information on their children.

Some parents received PDFs of information from the school district about their kids.

In addition to disclosed attacks, ransomware gangs like LockBit, Akira and more continue to post data stolen from K-12 schools