Behind the Hack: An urgent cybersecurity lesson for schools around the country

NINJIO Core-4
November 29, 2022

Target: Los Angeles Unified School District (LAUSD)
Date of attack: September 2022

Quick take: On September 5, 2022, LAUSD announced that it was the victim of a cyberattack which affected email access and digital systems across the district. The cybercriminal syndicate responsible for the attack, Vice Society, later claimed to possess 500 GB of stolen data and demanded a ransom. When LAUSD Superintendent Alberto Carvalho declared that the district wouldn’t negotiate with or pay cybercriminals, Vice Society published the data on the dark web.

Much of the published data is extremely sensitive, such as Social Security numbers, bank account details, criminal records, tax information, and student psychological evaluations. LAUSD is working with the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security (DHS), and other federal agencies and law enforcement.

Why it matters: LAUSD is the second-largest school district in the United States, with more than 600,000 students. But what may be even more significant than the immediate impact of this hack is what it says about the education sector more broadly. The FBI and CISA report that they have “recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks.” This is part of a broader trend – LAUSD notes that the attack it suffered demonstrates “vulnerabilities that leave school districts nationwide susceptible to the significant risk of disruption…”

The LAUSD attack also highlights the central dilemma that victims of ransomware attacks face: whether to pay the ransom or risk future attacks, the publication of sensitive data, and other consequences. Carvalho argued that the ransom money would be better spent on students and observed that payment “never guarantees the full recovery of data.” The U.S. government urges victims not to pay ransoms, as doing so incentivizes future attacks.

We’ve got a hack for that: NINJIO frequently covers ransomware attacks in our security awareness episodes, and we demonstrate how employee training can drastically reduce the chances of cybercriminals breaking in and stealing information in the first place. According to a 2021 survey, 90 percent of companies provide additional cybersecurity training after a ransomware attack, but NINJIO’s emphasis on proactive cyber-awareness will help you prevent these attacks from succeeding.

NINJIO is also focused on providing cybersecurity awareness training where it’s needed most – in sectors that are especially vulnerable to cyberattacks, and which are struggling to fend off those attacks. Considering the amount of highly sensitive student information school districts possess, cybersecurity should be a major priority for the education sector.