LOS ANGELES — At the beginning of the new year, schools are becoming more susceptible to cyberattacks due to a ransomware attack that targeted the massive Los Angeles school district. This led to an unprecedented closure of the district’s computer systems.
Alarms were raised across the nation in response to the attack on the Los Angeles Unified School District, prompting urgent discussions with the White House and the National Security Council after the first ransomware signs were found late Saturday night and requiring password changes for 540,000 students and 70,000 district employees.
The nation’s second-largest district’s superintendent said no immediate demand for money was made despite the fact that the cyberattack used technology that encrypts data and won’t unlock it unless a ransom is paid. Schools there opened as scheduled on Tuesday.
Such cyberattacks are becoming a rising problem for U.S. schools, with many high-profile cases reported in the past year as virus outbreak technology reliance increases the impact. Additionally, cyber gangs have in the past organised significant attacks on US holiday weekends when they anticipate a shortage of IT staff and a break in security operations.
What is a Cyberattack?
Any attempt to obtain unauthorised access to a computer, computing system, or computer network with the intention of causing harm is referred to as a cyber attack. The goal of a cyber attack is to disable, disrupt, destroy, or take control of a computer system, as well as to change, block, delete, modify, or steal the data stored on it.
A cyber attack can be launched by any person or group from any location using one or more different attack tactics.
The majority of the time, those who commit cyberattacks are thought of as cyber criminals. They include persons who act alone and use their computer abilities to plan and carry out malicious assaults. They are also frequently referred to as bad actors, threat actors, and hackers.
They may also be a part of a criminal organisation that collaborates with other threat actors to identify holes or issues in computer systems, often known as vulnerabilities, which they can then use to their advantage.
In a world dominated by social networks, online transactions, cloud computing, and automated operations, technology is advancing quickly.
But as technology advances, cybercrime also advances, creating new attack types, tools, and techniques that let attackers get inside more complex or tightly controlled environments, cause more damage, or even go unnoticed.
Even while it wasn’t immediately obvious when the LA attack started
officials have just stated that it was discovered, and a district spokesman has declined to provide any other information. Saturday night’s revelation reached the top echelons of the federal government’s cybersecurity organisations.
This pattern of aid, according to a senior administration official, was consistent with the Biden administration’s efforts to offer the most support possible to crucial industries affected by similar intrusions.
The United States cautions businesses to remain vigilant for potential Russian cyber attacks.
The individual, who spoke on the condition of anonymity to discuss the government response, said that the school district did not pay a ransom, but he or she would not elaborate on what might have been taken or hurt, or what systems might have been compromised.
An increasing national security worry is shown in the White House’s response to the LA incursion: According to a Pew Research Center survey released last month, 71% of Americans believe foreign cyberattacks pose a serious threat to the U.S.
Although LA Superintendent Alberto Carvalho refused to disclose which countries may be involved, authorities believe that the LA attack had an international origin and have pinpointed three possible countries where it may have originated. Russian-speaking cybercriminals who work independently of the Kremlin make up the majority of ransomware offenders.
According to Brett Callow, a ransomware expert at the cybersecurity company Emsisoft, 26 U.S. school districts, including Los Angeles, and 24 colleges and universities have been affected by so-called ransomware thus far this year.
Many cyber criminals instead utilise the same technology to steal critical information and seek extortion payments as victims increasingly refuse to pay to have their data decrypted. The data is posted online if the victim refuses to pay.
Data was stolen from at least 31 of the schools affected this year, according to Callow, who also pointed out that eight school districts had been affected since August 1. The increase in students attending school when summer holidays come to a close is almost definitely not a coincidence, he said.
Tireless—and expensive, even without any financial requirements. While Baltimore City’s response to a 2019 attack on its computer servers cost upwards of $18 million, the largest school district in Albuquerque was subject to a ransomware extortion attack that prompted schools to close for two days in January.
Separately on Tuesday, federal authorities expressed concern about prospective ransomware attacks by the Vice Society criminal organisation, which is said to have disproportionately targeted the educational sector.
Vice Society did not respond to a call for comment on Tuesday, and authorities have not stated if they think the group was involved in the incident in Los Angeles.
According to security analysts, Vice Society originally surfaced in May 2021 using ransomware that was generally available in the Russian-speaking underground rather than a special edition. The Elmbrook School District in Wisconsin and the Savannah College of Art and Design are two examples of the cyber attack victims listed by Vice Society.
After high-profile attacks like the Colonial Pipeline incident from last year, which caused runs on gas stations, ransomware gangs frequently disband. Then, their members reassemble under new names.
Tuesday’s classes in Los Angeles were initially scheduled to be cancelled, but administrators eventually opted against it.
Why do people carry out cyber attacks?
Every year, more people attempt to profit from weak corporate systems, which has led to an increase in cyber crime. Attackers frequently want ransom: Cyber attacks caused damages of at least $500,000 in 53% of cases.
Additionally, cyber threats may be created for nefarious purposes. Some attackers use system and data destruction as a kind of “hacktivism.”