Sep 07, 2022 16:00:00

The second largest 'Los Angeles Unified School District' in the United States is damaged by ransomware

On September 3, 2022, shortly after the start of the new school year in the United States, the Los Angeles Unified School District (LAUSD), which operates more than 1,400 educational facilities and has more than 570,000 children and students, was hit by a ransomware attack. It turned out that This has caused significant disruption to the district's education system, but LAUSD says it will open as normal.

Los Angeles Unified Targeted by Ransomware Attack (09-05-22)

https://achieve.lausd.net/site/default.aspx?PageType=3&DomainID=4&ModuleInstanceID=4466&ViewID=6446EE88-D30C-497E-9316-3F8874B3E108&RenderLoc=0&FlexDataID=122768

FBI joins probe into LAUSD cyberattack as school goes on - Los Angeles Times
https://www.latimes.com/california/story/2022-09-05/lausd-cyberattack-takes-down-la-unified-operations-schools-will-open-on-tuesday

LA public schools hit with back-to-school ransomware attack - The Record by Recorded Future
https://therecord.media/lausd-ransomware-back-to-school/

The Los Angeles Unified School District (LAUSD) announced on September 5, 2022 that the cyberattack that has continued since the previous weekend was a ransomware attack.

Los Angeles Unified Targeted by Ransomware Attack

For more information, please visit https://t.co/Dh4YtLJVxY .pic.twitter.com/ Kb8E0HRFWq

—Los Angeles Unified (@LASchools) September 6, 2022

The attack was reportedly detected late on September 3rd. As a result, LAUSD's site was not connected, and access to the email system for staff and students was also disabled. Also, the system for teachers to post about classes and take attendance has also gone down. On the other hand, there is no evidence that data such as social security numbers or medical information was stolen, and no ransom was requested.

Although some educational projects may be delayed or changed due to the impact of the attack, it is said that there will be no problems with services such as guidance for children, school lunches, salary calculations for teachers and health insurance.

“By shutting down all systems, we were able to contain the spread of this event and limit the potential damage,” LAUSD Superintendent Alberto Carvalho said at a press conference on Wednesday. It's the right decision at the right time,' he said.

In response to a report from LAUSD, the US government convened the Federal Bureau of Investigation (FBI) and the United States Cybersecurity and Infrastructure Security Agency (CISA) to respond to the incident. According to Mr. Carvalho, the announcement of the cyber attack was postponed until the evening of the 5th because the investigation was ongoing and it was necessary to examine the impact of information disclosure by coordinating with various parties. For similar reasons, details such as the attacker and the ransomware used are also withheld.

'I can't do my job of making sure students are in school,' one attendance counselor who manages children's attendance and time to and from school told the Los Angeles Times. Since we don't have access to information on the school, we can't confirm the whereabouts of our students by phone calls or home visits.Since the pandemic, we've been desperate to find out where our students are.'

In the United States, cyber attacks will intensify as the new semester starts in September. In a security advisory jointly released on Sept. 6, the FBI and CISA said, ``We anticipate a potential increase in attacks against the education sector as the new school year begins. School districts with limited access are often the most dangerous to attack,' he said, calling attention to educational institutions.