House passes bill aimed at protecting K-12 schools against cyberattacks

The House passed a bill with bipartisan support on Wednesday that aims to protect K-12 school systems from cyberattacks. 

In early August, the Senate passed the K-12 Cybersecurity Act which would direct the Cybersecurity and Infrastructure Security Agency (CISA) to work with teachers, school administrators, other federal departments and private sector organizations to examine cybersecurity threats that pose a risk to K-12 educational institutions. 

The bill was authored by Sens. Gary Peters, D-Mich., who chairs the Homeland Security and Governmental Affairs Committee, and Rick Scott, R-Fla., and is headed to the president’s desk where it will await his signature. 

"The bill will help educational institutions bolster their cybersecurity protections by instructing the Cybersecurity and Infrastructure Security Agency (CISA) to examine the risks and challenges that schools face in securing their systems," according to a news release from Peters following the bill’s passage. 

a327c267-Remote learning

FILE - A student does her school work on an iPad.

RELATED: Ransomware attack impacts Lancaster ISD operations 

"Ransomware and other cyber-attacks that can shut down our K-12 schools and compromise the personal information of our students and dedicated educators are unacceptable and must be stopped. We must provide faculty and staff with the resources and means that they often lack to defend themselves and their students against complicated cyber-attacks," said Peters. 

Among the cybersecurity challenges that school systems face are securing sensitive student, parent and employee records and more recently, cybersecurity risks related to remote learning, according to the bill. 

As of August, more than 1,100 cybersecurity incidents have been confirmed since the K-12 Cybersecurity Resource Center began tracking in 2016. 

"School districts throughout the United States suffer from notoriously poor information security," the K-12 Cybersecurity Resource Center said last year as the COVID-19 pandemic swept across the country. 

RELATED: Hartford Public Schools closed due to ransomware attack 

"The public assumption that K through 12 information security has kept pace with the rest of society is wrong," the organization, which tracks K-12 cybersecurity incidents, said. 

This year, Broward County public schools in Florida were hit by a ransomware attack demanding $40 million with threats to expose sensitive student, teacher and employee data. This follows attacks on other schools in Baltimore, Maryland, Fairfax County, Virginia, and Hartford, Connecticut, among others. 

Flexible learning styles mean more reliance on computers, online connectivity and learning apps, increasingly exposing schools to the risk of cyberattacks, according to software security company McAfee. And lessons learned from distance learning and virtual classrooms during the height of the pandemic need to be applied going forward. 

"Cyber actors could view the increased reliance on—and sharp usership growth in—these distance learning services and student data as lucrative targets," according to CISA

FOX News contributed to this report.