When we think of school attacks, we think of horrific school shootings. But it turns out that schools can be attacked virtually also.

Like many parents out there during the pandemic, our kids have been remote learning, and our school district did a really great job of setting up the technology for this. However they've had some serious connectivity issues the past few days, which have left our kids virtually stranded.

After some investigation, the district determined this was because of a DDoS (Distributed Denial of Service) attack on the school, meaning that someone deliberately bombarded the network with fake requests in order to overwhelm it and deny access to regular users. Apparently law enforcement are investigating, but DDoS attacks are very difficult to source, because by nature they use anonymous VPNs that are virtually untraceable.

The school, meanwhile, have put in some mitigation for this, probably utilizing a service like CloudFlare, which can detect such an attack and thwart it.

The question is: where did it come from? Somehow I doubt a foreign government would have much interest in disrupting a school district. Who would? Well, it really wouldn't surprise me if this was a student, or group of students... because honestly it's a great way to be excused from having to do schoolwork. Idle children can quickly become a devil's playground.

At least a DDoS attack on a school isn't anywhere near as tragic as a school shooting, but it is still an attack on our children's education. Worse, it happened at a time when most parents are very dependent on schools to keep their children occupied and continue their education.

It also brings to mind how vulnerable all online services are, even ones you wouldn't expect to be attacked. This is why it's critical to actively mitigate against cybersecurity threats by adopting best practices. Utilize DDoS protection services like cloudflare.com. Have outside firms perform penetration tests on your systems so you can see what security holes there are before you're actually attacked. And ensure you have easily accessible, secure and properly enforced IT policies using a service like Staff.Wiki.