L.A.’s Unified School District confirmed it suffered from a ransomware attack, causing a major system outage.
The attack, which L.A.’s Unified believed to be criminal in nature, disrupted access to email, computer systems, and applications. Teachers could also not post lessons and take attendance due to the attack.
“Los Angeles Unified detected unusual activity in its Information Technology systems over the weekend, which after initial review, can be confirmed as an external cyber attack on our Information Technology assets, “a statement from the district said.
While no culprit was named behind the attack, the district indicated that the breach was a ransomware attack. The authorities believe that schools should open as planned. However, some services might be delayed or modified.
The district said the FBI and CISA were informed about the incident and will provide assistance to combat the outcomes of the breach.
“At the District’s request, agencies marshaled significant resources to assess, protect and advise Los Angeles Unified’s response, as well as future planned mitigation protocols,” reads the statement.
Wealth of data
The wealth of valuable data held in schools makes education institutions lucrative targets. Education institutions often hold confidential records and thus are more likely to comply with ransom demands.
Another reason threat actors have set their sights on education institutions is that schools tend to make high ransom payments. A recent survey showed that lower education schools are among the top three in the amount of ransom paid ($1.97 million).
Ransomware attacks on education institutions have the highest data encryption rate (75%) among all sectors (65%). A staggering 9% of higher education schools take over three months to recover from ransomware attacks, more than double the average time for other sectors.
Some don’t recover at all. For example, Lincoln College, established in 1865, had to close up shop recently after a ransomware attack disrupted the admission process last December.