One hand holding padlock while other hand offers money. "Blocked" written in the background

A ransomware attack targets the second-largest US school system

Hackers launched a ransomware attack against the second-largest school district in the US, according to authorities from the Los Angeles unified school district. The FBI and CISA, two federal agencies, are helping school system with their reaction on the site.

From kindergarten through the 12th grade, LAUSD enrols more than 640,000 students. It encompasses Los Angeles, 31 smaller towns, and a number of rural areas in Los Angeles county.

Although LAUSD began classes as scheduled following the lengthy Labor Day weekend, the attackers compromised LAUSD systems, including email servers, the school district initially disclosed district-wide technical problems. It’s not yet clear whether data was taken, and its effects on the schools are also unknown.

It acknowledged that this was a ransomware attack and classified the incident as “criminal in nature” around seven hours later.

In a notification, the school system mentioned:

Employee healthcare and pay checks are unaffected by the ransomware attack. Safety and emergency procedures at schools have not been affected either.

LAUSD Notification Update (Twitter)

In an effort to aid the situation and execute an ongoing investigation, LAUSD has reported the incident and is collaborating with local enforcement and federal authorities (the FBI and CISA).

Agencies gathered a sizable number of resources to monitor, safeguard, and advise Los Angeles Unified School District’s reaction as well as any upcoming planned mitigation methods.

Earlier rumours claimed that “at least 23” LAUSD workers’ login information had been exposed on the dark web.

Is this the first ransomware attack suffered by a large school?

According to cybersecurity writer Jeremy Kirk, LAUSD was the victim of a similar ransomware attack in 2021. Trickbot, a malicious programme that occasionally serves as a preparation to a ransomware attack, was installed on a school psychologist’s computer.

Schools in Albuquerque, New Mexico, had to close for two days in January due to a ransomware attack on the city’s largest school system.

The U.S. Department of Education and the Department of Homeland Security (DHS) were encouraged to improve cybersecurity safeguards at K–12 schools nationally to prevent a significant and persistent wave of cyberattacks.

Although the FBI insists that schools do not pay ransoms, 45% of K–12 victims and 50% of those in higher education said they have paid to restore stolen data.

Ransomware attacks have reportedly impacted education at about 1,000 colleges, universities, and institutions in 2021, according to security analyst Brett Callow with Emsisoft.

The fact that fewer school districts were targeted by ransomware attacks last year caused this ratio to be lower than in 2020 (1,579 education systems were hit).

Help your colleagues spot these phishing emails by starting your Phishing Tackle security awareness training today with our two-week free trial.

Recent posts