Jim Thorpe Area School District is increasing its insurance coverage for cyberattacks.

The district had two cyberattacks in two years, but avoided paying ransom in both cases.

School board members voted Wednesday night to purchase a new cyber liability insurance policy with $2 million worth of coverage, twice what they had last year. The cost of the insurance is $19,000 per year.

“It’s going to be a policy everyone’s going to be looking to get from now on. It’s something that 5-10 years ago we wouldn’t have even thought about, but now it’s a necessity,” said Ken Marx, business manager for Jim Thorpe Area School District.

Cyberattacks on schools are on the rise nationwide. In 2019 there were 62 cyberattacks, up from the previous year, according to the Pew Charitable Trusts. Some of those schools had to close temporarily, while some have been forced to pay ransom demands of tens or hundreds of thousands of dollars.

When Jim Thorpe was attacked last October, the hackers demanded bitcoins, but they were not specific about an amount. The district’s IT staff was able to utilize backup storage to recover the locked files without paying the ransom.

The attackers gained access to a server and locked all the computers which were connected to it, refusing to reopen them until the ransom was paid.

The cost of the district’s current $1 million insurance policy was set to increase from $9,000 to $15,000. Marx said the cost increase was due to the previous attacks, but also the rising cost of this type of coverage. “The market is flooded with different cases and claims,” Marx said.

The policy could also cover the district if there was ever a data breach which resulted in personal information being posted online, according to Jerome Brown, the district’s director of technology. The Pew Charitable Trusts said that there has also been a rise in hackers stealing personal data from schools and local governments and posted them online.

“If there’s something resulting in a data breach, the district could be potentially liable for hundreds of thousands of dollars. I think it’s a good policy,” Brown said.

School board member Scott Pompa said that the history of cyberattacks on the district shows that there may be a need to better its systems. Marx said that there are additional security features that he is recommending along with the new policy.

Following a cyberattack last August, the district added stronger antivirus software to prevent attacks, and stronger backup storage to prevent having to pay ransom to recover hacked files.

Brown said that the district is better protected since the attacks.

“We do protect ourselves, and with some of the new server tools we’ve put in place, we’ve been able to do that,” he said.