Newsom signs bill to combat cyberattacks against K-12 schools
SACRAMENTO – Legislation aimed at tackling the issue of cyberattacks on the state's public K-12 education system was signed into law by California Gov. Gavin Newsom on Wednesday.
Introduced by Assemblymember Diane Papan, D-San Mateo, Assembly Bill 1023 passed the state senate unanimously last month.
The bill will expand CAL-SIC assistance to K-12 schools. CAL-SIC is a state cybersecurity agency that has already worked with higher education systems such as the University of California.
"As technology plays a greater role in schools and in society, we must develop safeguards to protect critical data and safeguard the privacy of students, families and staff—particularly from nefarious actors willing to disrupt public education and put our communities at risk," said Papan in a release. "Current law fails to offer the support school districts and county offices of education need to defend against cyber threats and mitigate any successful attacks."
The Los Angeles Unified School District had 2000 students' information stolen by hackers in 2022, in which a ransom was sought with the threat of releasing the stolen information. The district, following FBI guidance, did not pay, and the information was released on the dark web.
In a separate incident that year, the Glenn County School District was the victim of a ransomware attack that led to multiple-day school closures there.
In 2022, cyberattacks against the education sector increased by 36 percent from the previous year, according to Papan.
Higher educational institutions such as the University of California, Los Angeles and College of the Desert have also faced recent cyber-attacks, with one at UCLA just last May.
"With limited resources and ever more sophisticated cyber-attacks, it is more urgent than ever that we help school districts prevent and respond to cyber threats," said Papan. "The functioning of our districts and the privacy of staff and student data must be protected."