As SAT Goes Digital, Schools Must Prepare for Disruption

Local school districts nationwide need to ensure the basic security and readiness of their network infrastructure before spring 2024.

Richard Hummel, Senior Manager, Threat Intelligence, Netscout

December 7, 2023

4 Min Read
Student using a computer
Source: Hero Images Inc. via Alamy Stock Photo


As technology continues to reshape every aspect of our lives, it is no surprise that even time-honored institutions like the Scholastic Aptitude Test (SAT) are embracing the digital revolution. In 2024, the College Board, the organization responsible for administering the SAT, is planning a significant shift by transitioning from its traditional paper-and-pencil format to an all-digital testing platform.

This transformation promises to make the testing experience more streamlined and secure for students. Following years of remote classes during the pandemic, students are used to taking exams digitally, and the shift will reduce the SAT's environmental impact while making grading easier. It's a major milestone, but it also carries unique risks and points of failure that local school districts can and should begin to address proactively — or chance disaster on test day.

BYOD: A Recipe for Network Outages and Performance Issues

To make the digital SAT more accessible, the College Board now permits students to bring their own devices for use on test day. Alternatively, students can request a loaned device when registering, but if they decide to use their own laptop or tablet, it's their responsibility to download the exam application in advance.

It's not hard to imagine the day-of technical challenges that this approach will undoubtedly create. But putting aside common technical challenges on test days, IT and networking teams must ensure the basic readiness of their school's infrastructure to support so many devices simultaneously. The College Board estimates that each student will require at least 100 Kkps of bandwidth at both the start and end of the test.

Many schools already manage similar traffic levels throughout the school year, yet preparation remains essential. Common steps that IT teams should consider include advance testing of WiFi coverage and speed, as well as enabling guest access, opening ports and protocols, and enabling firewall exceptions in advance of test day. This may require some effort, especially for older schools with more dated technology.

Last but not least, schools need to ensure that they are not opening up new cybersecurity holes during this process. BYOD policies increase the chances of spreading malware and viruses over the network. It's up to technical teams to have effective cybersecurity countermeasures to protect the availability and security of their networks, including detecting potential infections by scanning for indicators of compromise, blocking outbound communication with known bad actors, and screening incoming traffic for signs of attack.

Cyberattacks Against Schools Remain High Post-Pandemic

Since the onset of the pandemic, students have increasingly launched distributed denial of service (DDoS) attacks to take down their school websites and applications. Students tend to prefer these types of attacks because of how cheap and easy they are to find on the Dark Web, with trials available for free and more powerful attacks offered for as little as $5. Motivations vary, but we know students often use DDoS attacks to delay tests or extend homework assignments during the school year. So why should we expect the all-digital SAT not to face the same threats?

Of course, the reality is that taking the SAT is one of the most stressful days of a student's life. Parents expect their children to do well on the test. A high score can make a difference in whether a student is admitted to their preferred school. Likewise, many scholarships require students to submit their SAT scores for consideration. Disruptions of any kind can put all of that in jeopardy.

The good news is that these types of attacks are largely preventable. Facing a growing breed of "dynamic DDoS" attacks, which involve more complex, rapidly shifting attack styles, many schools and large network operators are moving towards a hybrid approach to adaptive DDoS protection. This consists of deploying both on-premises and cloud-based systems, which allows school districts to detect and mitigate even the most complex DDoS attacks before they disrupt critical testing periods.

Preparation Is Key

Ultimately, successful implementation of all-digital SAT testing relies on the readiness of students and educators. Students must do their part to prepare for the test by studying and bringing their devices charged and ready to use. Likewise, school districts must begin planning for the technical and network challenges that the digital SAT will inevitably bring to testing sites nationwide.

Spring 2024 is just around the corner. There is little time for waiting. Now is the period for school districts to ensure a smooth and successful transition to the all-digital SAT by taking proactive measures, including assessing and optimizing network performance, providing comprehensive technical support, and securing networks before disruption strikes.

About the Author(s)

Richard Hummel

Senior Manager, Threat Intelligence, Netscout

After beginning his career with the US Army as a Signals Intelligence Analyst, Richard Hummel has spent the last decade in the private sector researching emerging cybersecurity threats. He leads Netscout's global threat intelligence team, examining trends in DDoS and threat actor activity.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights