Los Angeles Unified (LAUSD), which is the second largest school district in the U.S., has suffered a ransomware attack that hit its IT systems over the weekend. LAUSD enrols 640,000 students and includes Los Angeles, 31 smaller municipalities, and Los Angeles County unincorporated sections.
To remediate the situation, LAUSD is currently working with the FBI and CISA to investigate and respond to the incident.
The LAUSD said it is “immediately establishing a plan of action, informed by top public and private sector technology and cyber security professionals, to determine additional protections for the District, and to provide an independent opinion on system-wide protective measures.”
Looking into the incident for Digital Journal is Josh Rickard, Senior Security Automation Architect at Swimlane.
Rickard begins by setting the scene: “LAUSD, the second largest school district in the United States, was a victim of a devastating ransomware attack that disrupted its IT systems. With kids returning to school this week as well as school districts’ limited cybersecurity resources, school systems like LAUSD have unfortunately become easy targets for cybercriminals.”
This incident represents the latest event to be targeted at the school system. In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing.
Here Rickard adds: “Ransomware attacks can be crippling to American school districts, since many school systems lack the proper resources and funding for cybersecurity personnel.”
With the specific incident he notes: “While LAUSD is currently working with the FBI and CISA to investigate and respond to the incident, there are steps school districts can take to prevent an attack before it occurs.”
There are measures that educational institutions can take to make such attacks less likely. Rickard recommends: “To mitigate the result of limited cybersecurity resources, school districts should use security automation to assist with the detection and response to these threats in real time.”
Ideally, each institution will have robust security program, strong ransomware defence, and stout resilience measures in place. This is, however, not always the case.
Rickard further recommends: “By adopting low-code security automation, organizations can implement repeatable and reliable response processes that augment the lack of staff available.”