Rhode Island Schools Implement DNS Service to Combat Ransomware

In a pioneering move, Rhode Island has become the first state to implement a statewide cybersecurity initiative focused on safeguarding K-12 schools from increasing ransomware threats. This initiative was announced by the White House on Monday.

The new Protective Domain Name Service (PDNS) will offer critical cybersecurity protections to approximately 136,000 students across 64 school districts in Rhode Island. This service will effectively block access to harmful websites and other risky online environments. The objective is to preemptively intercept cyberattacks by providing districts with a funded third-party service that is cost-free, avoids complex requirements, and eliminates the need for disruptive interventions.

This announcement comes amid a rising wave of cyberattacks targeting educational institutions throughout the United States. Many schools face overwhelming threats from foreign adversaries, which exploit resource limitations and often inadequate cybersecurity measures. Experts have noted that hackers are increasingly employing sophisticated tactics, including impersonating legitimate businesses to gain trust and access sensitive information such as students’ health and financial records.

According to White House National Cyber Director Harry Coker, “For too long, our schools have been up against determined ransomware gangs, skilled cybercriminals, and well-funded nation-state actors jeopardizing the data and safety of students.” Following the Rhode Island Department of Education’s formal agreement to implement the PDNS by June 30, 2025, Coker emphasized the necessity of these measures.

In addition to immediate cybersecurity improvements, the state has committed to promoting cybersecurity awareness and training. This initiative will involve professional development programs and informational campaigns aimed at educators, administrators, staff, and students, thereby enhancing the overall security posture of educational institutions and protecting against unauthorized access and cyber threats.

Responding to increasing vulnerabilities, the Cybersecurity and Infrastructure Security Agency (CISA) has urged K-12 schools to establish multidisciplinary threat assessment teams. These teams are vital for managing various cybersecurity liabilities and responding to potential threats of violence. CISA has also released a novel toolkit, intended as a valuable resource for school systems in navigating the evolving landscape of cybersecurity challenges.

Governor Dan McKee noted that Rhode Island is spearheading a comprehensive effort to ensure all local education agencies adopt straightforward yet effective cybersecurity strategies, particularly significant given the average of five cyber incidents reported by school districts each week according to the Education Department.