The Government Accountability Office (GAO) said in a Nov. 16 report that Federal agencies need to up their ransomware assistance for state, local, Tribal, and territorial (SLTT) government organizations – including schools – by improving interagency collaboration, awareness, outreach, communication, and coordination with schools.
Federal assistance from organizations like the Cybersecurity and Infrastructure Security Agency (CISA), Secret Service, and the FBI is “essential to enhancing cybersecurity resiliency and effectiveness,” GAO said.
According to the Multi-State Information Sharing and Analysis Center, SLTTs experienced approximately 2,800 ransomware incidents from 2017 through 2021. Additionally, the report said over 2.6 million K-12 students were affected by ransomware attacks from 2018 to 2021.
“Ransomware is becoming one of the most serious cybersecurity threats to organizations of all sizes, including K-12 schools and state governments. Many times, these organizations do not have appropriate resources to prevent, respond, and quickly recover from these cyber incidents,” Jennifer Franks, director of GAO’s Information Technology and Cybersecurity, told MeriTalk.
In September 2022, the watchdog reported that CISA, Secret Service, and the FBI’s ransomware assistance to SLTTs was informal and lacked documented procedures.
Additionally, the GAO found that officials interviewed from all 13 SLTTs identified challenges with awareness, outreach, and communication. They reported difficulties identifying the Federal services that were available to them, and cited issues with inconsistent and timely communication from the FBI.
Tribal officials specifically expressed concerns about CISA’s focus on conducting outreach at the state level, leaving Tribal nations uninformed.
The GAO also expressed concerns about ransomware affecting K-12 students’ ability to attend school regularly – with learning loss after the incident ranging anywhere from three days to three weeks.
“We found that while the Department of Education and CISA offer cybersecurity resources to K-12 schools, such as online safety guidance, they otherwise have little to no interaction with the K-12 community regarding their cybersecurity,” GAO said.
The agency’s work identified three recommendations for the Federal government to improve the coordination and assistance it provides to SLTTs and schools for addressing ransomware attacks:
- CISA, Secret Service, and FBI improve interagency coordination;
- CISA, Secret Service, and FBI evaluate how to best address concerns raised; and
- Department of Education, in consultation with CISA and other relevant stakeholders, establish an applicable government coordinating council to coordinate cybersecurity efforts between Federal agencies and the K-12 community.
“The Federal government has programs to assist these organizations, which can be essential for helping these organizations enhance their cybersecurity resiliency and effectiveness in combatting this growing and evolving cybersecurity threat,” Franks continued, “Our work has found, however, that the Federal government lacked effective interagency coordination and coordination with the organizations they are to assist.”
“The recommendations we have made, if implemented, should help to improve the assistance the Federal government provides,” Franks said.