Cyberattack on L.A. schools shows bolder action needed to stop ransomware

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.

A ransomware attack on the Los Angeles Unified School District should serve as a wake-up call to the continued threat of cyber attacks on critical sectors across the country and the need for more aggressive concerted action to protect them.< /p>

The breach in the nation's second-largest school system, with more than 650,000 students and 75,000 employees, forced the shutdown of some of the district's computer systems. The only positive is that no immediate requests for money were made and the schools opened as planned on September 6.

Ransomware attacks are on the rise

My first thought when I heard about the incident was: Here we go again. Ransomware attacks against public institutions such as schools, hospitals and municipalities have increased in recent years. And it is not just the number of these attacks but their nature that is so disturbing. They feel particularly egregious because they cross the line between economic crime and disrupting the lives of ordinary Americans, even putting lives on the line.

In April, the US Department of Health and Human Services issued a warning about an "unusually aggressive and financially motivated ransomware group", known as Hive, that attacks healthcare organizations. Hive has taken on dozens of hospitals and clinics, including an Ohio health system that had to cancel operations, divert patients, and switch to paper medical records.

Event

Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.

Register now

Ransomware attacks on municipalities across the United States have been rampant for years. An attack on Baltimore in 2019, for example, locked city employees out of their email accounts and blocked citizens from accessing websites to pay water bills, property taxes and parking tickets. . In 2018, ransomware shut down most computer systems in Atlanta for five days, including some used to pay bills and access court records. Instead of paying a $52,000 ransom, Atlanta chose to rebuild its IT infrastructure from scratch at a cost of tens of millions of taxpayer dollars.

Growing target of cybercrime

And now schools are up the list of cybercriminals' favorite targets. Two days after the Los Angeles School District discovered it had been attacked, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned that the mysterious Vice Society gang, which admitted responsibility for the breach, and other malicious groups are likely to continue their assaults.

“The impacts of these attacks range from restricted network and data access, delayed exams, canceled school days, unauthorized access and theft of personal information about students and staff. staff," the agencies' alert reads. "The FBI, CISA, and MS-ISAC anticipate that attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for success...