Ransomware Attack on L.A. Schools Could Signal Larger Threat, Warn Cyber Experts

Cover of Los Angeles School District Strategy Report

Hackers targeted Los Angeles Unified, the second-largest school district in the US with over 600,000 students, with a cyber-attack over Labor Day weekend, reports The Guardian.

The perpetrators appear to have targeted the facilities systems, which involves information about private-sector contractor payments which are publicly available through records requests rather than confidential details like payroll, health and other data.

Cyber experts warn that it could be an ominous indication of a nationwide threat.  Schools are an attractive target for hackers for a variety of reasons, Matthew Warner, co-founder and chief technology officer at the cybersecurity firm Blumira told The Guardian.

“Most IT leaders in education operate on a shoestring budget,” he said. “Plus, lower budgets in education make it difficult to hire and retain cybersecurity talent without a competitive salary to offer.”

A ransomware extortion attack in the biggest school district in Albuquerque, New Mexico, forced schools to close for two days in January.

Authorities believe the Los Angeles attack originated internationally and have identified three potential countries where it may have come from.

In August and September 2021, 57 percent of ransomware incidents reported to the FBI involved K-12 schools compared to 28 percent of incidents from January through July.

In 2021 56 percent of K-12 schools and 64 percent of higher education organizations surveyed by digital security firm Sophos reported being hit by some type of ransomware.

The FBI suggests schools not pay ransoms, but 45 percent of K-12 victims and 50 percent in higher education reported paying the ransom to reinstate lost data.