The second-largest school system in the US, with over 640,000 kids, has been the target of a ransomware attack

The second-largest school district in the United States, Los Angeles Unified (LAUSD), said that a ransomware attack affected its Information Technology (IT) systems over the weekend. More than 640,000 pupils from kindergarten through 12th grade are enrolled in LAUSD. Along with 31 smaller municipalities and various unincorporated areas of Los Angeles County, it encompasses Los Angeles. After learning that the attackers had interfered with access to LAUSD systems, including email servers, the school district first disclosed district-wide technical concerns.

As part of an ongoing investigation and incident response, LAUSD has reported the occurrence and is collaborating with law enforcement and federal authorities (the FBI and CISA). The Department of Education, the Federal Bureau of Investigation (FBI), and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) were brought together by the White House “after the District contacted officials over the holiday weekend in order to provide rapid, incident response support to Los Angeles Unified, building on the immediate support by local law enforcement agencies,” the district said.

“Agencies mobilized significant resources at the District’s request to evaluate, safeguard, and advise Los Angeles Unified’s response, as well as future planned mitigation actions.”

While the LAUSD said schools will remain open today while it attempts to repair compromised systems, there may be some expected delays affecting some services, despite the attack disrupting the district’s infrastructure.

LAUSD continued, “Business operations may be delayed or modified, but we do not anticipate significant technical challenges that will prevent Los Angeles Unified from providing instruction and transportation, food, or Beyond the Bell services. The healthcare and payroll of employees are unaffected, and the cyber intrusion has not affected the safety and emergency procedures in place at schools, according to a preliminary investigation of vital business systems. The district further stated that this incident had no impact on staffing, instruction, or payroll processes.

In order to combat a sizable and persistent wave of attacks, the U.S. Department of Education and the Department of Homeland Security (DHS) were advised to bolster cybersecurity safeguards at K–12 schools nationwide in November.

U.S. Senators Maggie Hassan, Kyrsten Sinema, Jacky Rosen, and Chris Van Hollen issued the call for action in response to a Government Accountability Office (GAO) report that found the Education Department’s 2010 plan for addressing threats at K–12 schools to be significantly out of date and focused on mitigating physical threats. According to Brett Callow, a threat analyst for Emsisoft, ransomware attacks impacted education in about 1,000 institutions, universities, and schools in 2021.