The Solution to the Ransomware Problem Starts in Our Schools

Opinion | Cybersecurity

The Solution to the Ransomware Problem Starts in Our Schools

By Colin McKaig     Nov 5, 2021

The Solution to the Ransomware Problem Starts in Our Schools
The sign outside a gas station in Florida indicates it is out of fuel. Amid the Colonial Pipeline cyberattack in May 2021, the U.S. faced gasoline shortages and high gas prices.

In a country where computer technology was born and bred, where technological innovation has fueled untold economic growth and opportunity, where high-tech tools live in hip pockets, why are we losing the ransomware battle? Why doesn’t the United States have the upper hand, and what can we do to get it back?

Ransomware, according to NBC News, is “an epidemic of cybercrime where hackers remotely lock victims’ computers and demand an extortion payment to fix them.” It is not unlike other types of ransom, where criminals demand payment in exchange for something valuable that was taken—only, in this case, the valuable items are typically files that include personally identifiable information, personnel records, financial records and other digital materials without which companies, colleges and other institutions cannot operate.

Ransomware costs are on the rise, expected to exceed more than $20 billion worldwide next year. This includes the ransom itself, but also network downtime and repairs, lost productivity and reputational damage. Schools, hospitals, corporations, the federal government: all sectors of our economy have been affected by ransomware attacks. It seems like it’s becoming almost an everyday occurrence.

A recent high-profile ransomware incident disrupted the U.S. oil and gasoline supply and helped to illustrate the stakes and scale of this problem to the general public.

In May of this year, the computer system of Colonial Pipeline, a company that operates the eponymous 5,500-mile pipeline that stretches from Texas to New York, was overtaken during a ransomware attack. The company was effectively held hostage in an attack that crippled the East Coast’s petroleum supplies for over two weeks, causing delays and shortages to everyday American consumers and commuters.

Colonial quickly paid out nearly $4.5 million to secure encryption keys to unlock its computer systems, get the pipeline up and running again, and ease the anxiety, frustration and long lines that resulted from disruption. Weeks later, the federal government was able to claw back about half of the ransom paid by Colonial, but that is hardly a standard outcome.

Cybersecurity and ransomware are front-page news lately. On Oct. 8, the bipartisan Cybersecurity Act was signed into law by President Biden. Less than a week later, the White House convened the Virtual Counter-Ransomware Initiative Meeting, bringing together leaders from over 30 countries to generate international cooperation.

The Pipeline Problem

One of the reasons the Colonial attack even happened is that our nation simply does not have enough qualified workers to fill available high-tech positions, including positions such as network security professionals, systems analysts and software developers.

According to Microsoft, there are currently over 450,000 open positions in the United States that require cybersecurity skills. This accounts for 6 percent “of all open jobs in the country.” People who fill these roles can help shore up vulnerabilities that leave organizations and institutions susceptible to ransomware attacks in the first place, but if those roles are vacant, they obviously can’t do any good.

This is where my job comes in—and where the K-12 education system can help, providing a more robust on-ramp to collegiate computer science programs, and helping to supply the nation with much-needed personnel in this field.

The key to K-12 preparation is integration.

As a technology integration specialist, my role in my Vermont school district is to support educators as they develop greater fluency in educational technologies, leveraging these tools to improve student outcomes.

Clearly, it’s been a busy year. But it’s been a year of possibilities and opportunities, too. Both students’ and teachers' tech skills have improved dramatically—they’ve had to. How, then, can we build on this and increase attention to the ransomware problem? Let’s offer young people the opportunity to be a part of the solution and make a handsome living while doing so.

Teaching Technical Skills

In a rare show of bipartisanship, the U.S. Senate announced the passage of the U.S. Innovation and Competition Act of 2021 over the summer, sending it to the House for sign-off there. The bill contains $250 million to address recurring ransomware threats and other problems, some of which will make its way into the nation’s schools. Tucked into the hundreds of pages of this bill, the word “school” or “schools” appears 156 times. Grants, awards, competitions and an array of STEM-related initiatives are packed into this legislation. For that, I’m hopeful.

My real hope, though, is that this funding will not be an add-on. My hope is we weave technology skills into the curriculum. We engage students in coding exercises. We capitalize on Hour of Code programs. We pull the curtain back on technology, letting students understand the coding that operates these devices. We introduce students to computer programs like WeVideo or Padlet. It doesn’t necessarily have to be new courses and more teachers.

The Tech Center attached to my high school, serving five public school districts in Windsor County, Vt., is doing great work in preparing students for a technical world. For the students who know these are the pathways they want to pursue, it’s been a boon. But for those who are indifferent or unsure, marching through a traditional high school curriculum program, it comes back to weaving more technical skills into the daily work of teaching, no matter the subject area.

So many courses, classes and assignments, at every grade—from high school statistics, to the middle school play, to a second grade trip to the outdoor classroom—can and should have a digital component. The tools are already in our hands.

I am not pushing tech for tech’s sake, but tech that can amplify these everyday lessons. Teachers can create tech-rich environments while simultaneously preserving the beauty and simplicity of traditional learning. This is critical to our nation’s future.

Learning to manipulate original photos of leaves and insects with programs like Photoshop or Pic Monkey and building them into little presentations is an example of the ways tech can spark interest in kids. Creating original texts in Book Creator gives students authority. Data visualization projects using Adobe Spark or Lucidpress means students are actively constructing meaning, not passively receiving instruction. In such cases, the technology can come in through the side door, while the content—the learning itself—remains front and center.

The student whose curiosity and interest is sparked today may help prevent tomorrow’s Colonial Pipeline-level (or worse) catastrophe. But for that to happen, we need to increase student interest in computer science, using our current educational technologies and weaving these tools into the many lessons students encounter in their classrooms.

Learn more about EdSurge operations, ethics and policies here. Learn more about EdSurge supporters here.

More from EdSurge

Get our email newsletterSign me up
Keep up to date with our email newsletterSign me up