L.A. Unified cyberattackers demand ransom

- Advertisement -

Hackers targeting the Los Angeles Unified School District have demanded a ransom, officials confirmed Tuesday, a sign that the attackers may have extracted sensitive data or believe they may have tricked the district into thinking they had Is.

- Advertisement -

“We can confirm that a demand was made,” L.A. School Sup. Alberto Carvalho said. “There has been no response to the demand.”

Carvalho declined to disclose any further information about the ransom demanded or what information, if any, the attackers had.


He added that “there have been no new security breaches” and the school system is continuing to “ramp up our apps and systems”.


Officials said they are hopeful that Social Security numbers and other sensitive employee information remains safe. But the outlook may differ regarding student information, such as grades, course schedules, disciplinary records, and disability status. The district does not collect Social Security numbers for students and parents.

- Advertisement -

Earlier Carvalho revealed that the attackers extended their deadline to enter talks without specifically mentioning the ransom amount. Carvalho said the district is following the advice of experts and law enforcement, including the FBI as well as the Los Angeles Police Department.

In a related development, federal officials announced Friday New Major Grant Program To help public agencies better protect themselves from cyberattacks.

The demand for money was widely speculated in the wake of the cyber attack, which was discovered in progress on the night of Saturday, September 3, of Labor Day weekend.

Hackers usually threaten to post sensitive data online if they are not paid, but it can be difficult to determine what they have obtained, and they may lie.

In general, such payments are a bad idea, said Clifford Newman, director of USC’s Center for Computer Systems Security.

“It is important for any organization affected by ransomware to understand that even if they pay ransom demands, they will incur significant IT expenses and delay system repairs,” Newman said. “The best course of action is not to pay the ransom and recover the system from backup.”

He added: “There is no reason to believe that criminals would actually delete the excluded data even if the ransom was paid.”

The attempted data theft was an element of the attack on LA Unified. The second involved attempting to disable district computer systems, making them inaccessible.

Although both elements of the attack were only partially successful, a full recovery has been difficult. For example, information on Tuesday’s Board of Education meeting was posted via a temporary, cumbersome webpage. Campuses reopened Tuesday after Labor Day, but many students, parents and staff said a full teaching week had been lost as technicians double-checked and slowly rebooted systems and users exceeded 600,000. Password reset.

Along the way, the district discovered malware that attackers left behind, which were not discovered and had the potential to cause more damage if carefully disabled.

Carvalho described the malware as “leaving behind a digital tripwire that if tripped would further disable or infect the system.” This discovery caused delays in resetting district passwords, partly due to concerns that new passwords could also be stolen.

Operations unfolded more smoothly in the second week after the attack, although technicians are still trying to restore the online system through which LA Unified handles the procurement and bidding process for sellers and construction projects.

Although a recent audit pointed to flaws in the district’s online security, LA Unified is far from alone.

“The only unusual thing about this attack is that it involved the second largest school district in the country. Besides that fact, incidents like this are unfortunately very common,” said Brett Callow, a cybersecurity firm, Emsisoft K’s threat analyst. “Already this year, 425 schools among 25 other districts have found themselves in a similar position to LAUSD.”

Most of those incidents resulted in the leaking of stolen data online.

a Reported site tracking cyber attacks That a county office of education in California recently paid a ransom of $400,000.

The LA Unified attack has been linked to a criminal syndicate that calls itself the Vice Society, although officials declined to confirm this.

Source: www.latimes.com

- Advertisement -

Recent Articles

Related Stories