Ms. Stephens said local and state governments around the United States are realizing that “this is the next area of concern for government infrastructure.”
The Internal Revenue Service warned in 2017 that a scheme to target confidential tax data had “evolved beyond the corporate world and is spreading to other sectors, including school districts, tribal organizations and nonprofits.”
It may be a while before schools’ defenses are able to catch up with the abilities of the hackers who target them, said Eva Vincze, a faculty member in the cybersecurity and police and security studies programs at George Washington University.
“Most school systems, especially in small communities, do not have the resources to keep up with each generation of threats that bad actors come up with,” Dr. Vincze said. She added that schools may put themselves at risk by having “the same mentality that is pervasive in the business sector: ‘It won’t happen to us.’”
“In reality, it can and does happen to everyone,” she said.
According to Mr. Krueger, cyberattacks on school districts and other organizations begin when an employee — perhaps someone in the financial office, where a lot of sensitive information is stored — opens an email that appears to have come from a supervisor or even the district superintendent, but in fact carries malware that compromises the employee’s computer and the district’s network.
School officials in Dothan, Ala., said the F.B.I. is investigating the malware attack on its computers, but declined to discuss the hackers’ possible motives.
In Syracuse, the motivation appeared to be money.
The Syracuse school district said on Friday that its insurance policy would cover the cost of regaining access to its computer systems, subject to a $ 50,000 deductible that the district expects to pay, according to The Post-Standard newspaper. The district has been locked out of its computer and email systems since July 8.