Los Angeles' school district suffers a ransomware intrusion

Los Angeles Unified School District Faces Ransomware Attack, Seeks Support from State and Federal Agencies

The Los Angeles Unified School District (LAUSD), one of the largest employers in Los Angeles County with over 75,000 employees and serving over 600,000 students at more than 1,000 schools spread across 720 square miles, has fallen victim to a ransomware attack over Labor Day weekend.

The cyberattack, considered likely to be criminal in nature, has affected many of the school district's IT systems, including attendance tracking software, email, storage, and systems provided by Google Workspace. As a result, users, including teachers, parents, and students, are reporting problems accessing systems and lesson plans.

In response, the district has implemented a response protocol to mitigate districtwide disruptions. Schools in the district opened as scheduled, but the password reset requirement for all accounts is causing further delays and confusion. There may be delays due to high demand on the district's systems during the password reset process.

To ensure ongoing cybersecurity guidance, the district plans to establish an advisory council and a technology advisor. An independent task force has also been established to develop recommendations within 90 days.

Multiple federal authorities, including the White House, the Department of Education, the FBI, and the Cybersecurity and Infrastructure Security Agency, are assisting with the response. State and federal agencies are also aiding with the district's near- and long-term response.

However, beyond these specific agencies, there is no mention of additional government support for the cyber defense measures of the LAUSD. Industry collaborations like Stellar Cyber's Open Cybersecurity Alliance, including companies like LastPass, Netskope, Check Point, and ESET, provide cyber defense support indirectly through technology integration.

Despite the impact on its IT systems, the district is fortunate that critical business systems, including employee healthcare, payroll, safety, and emergency mechanisms at schools, were not affected by the attack. The financial and operational impacts of ransomware attacks on schools are often disproportionately greater compared to organizations in other industries.

In light of this incident, the district is calling for a "full scale reorganization of departments and systems" to bolster district data safeguards. Schools and other academic institutions are commonly targeted by ransomware gangs, making it crucial for educational institutions to prioritize cybersecurity measures.