Cenic.org
  • Home
  • Blog
  • Protecting Schools from Cyberattacks: CENIC Conducts Successful DDoS Mitigation Pilot

Protecting Schools from Cyberattacks: CENIC Conducts Successful DDoS Mitigation Pilot

Categories K-12

Tags conference cybersecurity ddos k-12 security

The panel for “DDoS Mitigation Support, Use, and Lessons Learned” at CENIC’s 2019 Conference: (left to right) Dawn Kale, director of information technology, Poway Unified School District; Dustin Gray, systems engineer, Poway Unified School District; David Thurston, chief technology officer, San Bernardino County Superintendent of Schools; Luis Wong, chief executive officer, K-12 High Speed Network; Michael Gong, lead network operations engineer, CENIC; Sana Bellamine, senior core engineer, CENIC; and Philip Romero, senior information security analyst, CENIC.

CENIC and the K-12 High Speed Network are working together to protect California schools from cyber attacks, threats that have compromised confidential student information, interrupted statewide scholastic testing, and prevented faculty and students from accessing important educational materials online.

For a year, CENIC and K12HSN have conducted a pilot program to integrate protection services for distributed denial of service (DDoS) attacks. A DDoS attack occurs when a malicious user attempts to shut down a website or a server using a bot that overwhelms the system with traffic. At CENIC’s 2019 Conference in March, a panel of network experts and school district representatives spoke about the success of the pilot program and efforts to implement it for K-12 educational facilities statewide.

“We feel that we can make a case for the state to help provide funds for DDoS mitigation,” said Luis Wong, CEO of K12HSN. “Integrating these services onto the CENIC backbone could help our K-12 institutions, and we can demonstrate the economy of scale provided around doing this together.”

Struggling with Cyberattacks on Schools

DDoS attacks on schools are on the rise. Educational facility websites become easy targets as the tools to perform a DDoS attack are readily available. For a nominal fee, anyone can buy or rent a botnet to carry out an attack. Given that schools are increasingly reliant upon network access for curricula, productivity tools, testing, and other applications, a DDoS attack can have a crippling effect.

In the first year scholastic testing went live for all California school districts, some students tried to interrupt the testing program using malware. That incident was part of what motivated this pilot program. Schools face a number of barriers to implementing DDoS mitigation tools on their own, according to survey results from the pilot: cost (92%), technical expertise (44%), training (44%), equipment (40%), staffing (36%), and administrative support (28%).

Dustin Gray, systems engineer for Poway Unified School District, which serves 36,000 students, told conference attendees that in the past DDoS attacks have temporarily shut down all web traffic for their schools. “We started getting hit pretty heavily right when this pilot was starting,” he said. “I reached out to our county office of education in something of a panic, and while we were developing our internal processes, we stumbled across the CENIC pilot.”

Designing Detection and Mitigation Services

To implement the pilot, CENIC engineers reviewed mitigation options, designed a cloud-based, off-net solution, and selected a DDoS scrubbing provider. CENIC staff set up protocols and procedures to handle the new services, and held information sessions with K-12 participants. “Stars aligned in terms of funding, support systems, CENIC being willing to contribute staff and engineering time and resources, and a lot of the things that needed to happen behind the scenes to get this off the ground,” Wong said. The pilot involved 26 sites across California, including Los Angeles Unified School District, San Diego County Office of Education, and Sacramento County Office of Education.

When an attack occurred, CENIC often noticed it and mitigated it before there was any negative impact on a school district. The few times districts did notice issues with their websites due to attacks and notified CENIC, they were mitigated immediately. “The ability to make a phone call and bring everything back online was wonderful,” Gray said.

Within two days after each attack, CENIC engineers provided school districts with a report detailing the attack and mitigation. “We couldn't be happier with the results of the pilot,” Wong said.

Working Together for a Solution

Commercial DDoS mitigation services are expensive. Educational sites said they were “eternally grateful” to be able to participate in the pilot. When surveyed after the project, a vast majority (92%) found the pilot effective. Participants found the setup and configuration of the DDoS mitigation service either excellent (80%) or good (20%). And over 90% rated their experience with activating or deactivating the DDoS service once under attack as excellent, very good, or good.

K12HSN is putting together a budget proposal seeking state funding to pay for DDoS mitigation services for California school districts. “We're hoping that as we move forward we can continue to work with CENIC to have DDoS mitigation,” Wong said. “We understand that there may be other members besides K-12 who are also interested in DDoS mitigation, so we'll continue this conversation with CENIC around how this could potentially continue in the future.”

Twenty million people rely on CENIC’s network to connect with each other and the world. At the center of CENIC’s work is its commitment to provide a state-of-the-art, robust, and reliable network to California’s research and educational institutions, K-12 schools and libraries, community colleges, and hospitals and academic health systems.

Watch the complete panel discussion, "DDoS Mitigation Support, Use, and Lessons Learned," from CENIC's 2019 Conference.

Related Content:

Related blog posts

The Venue is the World: CENIC Helps SFJAZZ Share Music with Everyone

The Venue is the World: CENIC Helps SFJAZZ Share Music with Everyone

Adaptive Teaching and Learning: Artificial Intelligence in the K-12 Environment

Adaptive Teaching and Learning: Artificial Intelligence in the K-12 Environment

Recent news

Major CENIC Line System Upgrade Means Improved Provisioning and Services for CENIC Members

Pacific Wave Distributed International Peering Exchange Supports Big-Data Demonstrations at Supercomputing 2024 Conference

Learn What CENIC and Our Members Accomplished Together in the CENIC 2022-24 Community Report

New Connections to Major Cloud Providers Boost Performance and Value for CENIC Members

SDSC at UC San Diego and CENIC Work to Expand AI Education Infrastructure in California

Recent blog posts

CENIC and its Member Community in 2024: Artificial Intelligence, Digital Equity, and R&E Innovation

CENIC Internships: Working with Higher Ed to Create a Skilled Workforce for the Future of Networking

CENIC AIR and Your Campus: From Concept to Connection

The Easy Button for DDoS Attacks: Fast, Convenient, Cost-Effective Mitigation for CENIC Member Institutions

The Venue is the World: CENIC Helps SFJAZZ Share Music with Everyone

Subscribe to our newsletter

Stay up to date on news and stories from the CENIC community.

Subscribe now

About Network CENIC Membership News