Cyber attacks cause serious and costly disruptions. With student and staff information at risk, the time to act is now.

OSRMT's Cyber Liability Coverage is 100% reinsured with limits up to $1 Million per school. Members do not SHARE limits and automatically get $50K in cyber liability coverage. Members can increase limits as needed, this flexibility is what sets OSRMT apart.

When thinking of cyber security, one usually thinks of online banking, online shopping, email, or social media. We create various passwords and security questions in an effort to safeguard our information, but a large segment of the population has had their information compromised in one way or another. Credit card numbers have been stolen, money has been drained from bank accounts, and entire identities have been “stolen.” While companies and individuals are constantly looking for ways to strengthen their computer security systems, many school districts remain extremely vulnerable in terms of their cyber security. School district computer systems contain a wealth of personal information and important data that can and do get hacked. Districts need to be as vigilant in their cyber security as any corporation and need to know how to prevent cyber attacks.

Schools are considered “soft targets” to hackers. A soft target is a person or thing that is relatively unprotected and vulnerable. Students or independent hackers may target school files. While a student may be aiming to only cause general chaos, a lone hacker may be looking to extort money from the school. These types of attacks against schools are becoming more frequent and, if schools remain lax in cyber security, they may become even more commonplace.


A common technique is called “phishing.” Phishing focuses on obtaining personal data. Phishing is typically carried out by email spoofing or instant messaging. It often directs user(s) to enter personal information on a fake website (the look and feel of which are similar to a legitimate website) the only difference is the URL of the website of concern. Communications purporting to be from social websites, auction sites, banks, online payment processors or IT administrators are often used to lure victims into providing personal information. Phishing emails may also contain links to websites that distribute malware.


Ransomware enables an attacker to exploit a security breach and has become increasingly popular over the last few years. Ransomware usually arrives as an email attachment and carries a computer virus that tricks the user into downloading or opening. Some of these viruses will lock up a system (which may be easily reversed by a knowledgeable person), while other attacks can encrypt data and make it virtually inaccessible. A message will appear demanding payment for the decryption of the files and a deadline by which the payment must be received. Ransomware can also appear as a denial-of-service attack. This type of attack makes a machine or network resource unavailable to the user by disrupting the network service’s connection to the internet. This is accomplished by flooding a user’s computer with excessive requests in an attempt to overload the system. Paying the ransom may seem like the fastest way to gain access to the information or network again, but there is no guarantee that once the ransom is paid that the hacker will decrypt the data or unlock access. A hacker sometimes simply asks for more money.