Hackers targeting the Los Angeles Unified School District have made a ransom demand, officials confirmed Tuesday, suggesting the attackers have extracted sensitive data or thought they could trick the district into thinking they had.
“We can confirm that a request was made,” said Supt of the Los Angeles school. Alberto Carvalho said. “Demand is not being answered.”
Carvalho declined to disclose the amount of the ransom demand or any further information about what, if any, information the attackers might be holding.
He said there were “no new security breaches” and the school system was continuing “the addition of our applications and systems”.
Officials said they were optimistic that Social Security numbers and other sensitive information of employees would be kept safe. But outlooks related to student information, such as grades, course schedules, disciplinary records and disability status, may vary. The school district does not collect social security numbers for students and parents.
Earlier, Carvalho revealed that the attackers extended their deadlines Negotiate without specifically mentioning the ransom amount. Carvalho added that the district is taking advice from experts and law enforcement, including the FBI and the Los Angeles Police Department.
In a related development, federal officials on Friday announced a New Major Funding Scheme Help public agencies better protect themselves from cyberattacks.
Demand for funds is widely expected in the wake of a cyber attack, which is discovering On the evening of Saturday, September 3rd over Labor Day weekend.
Hackers often threaten to post sensitive data online without being paid, but it’s hard to determine what they’re getting, and they may be lying.
In general, such payments are a bad idea, said Clifford Newman, director of the USC Center for Computer Systems Security.
“It’s important for any organization affected by ransomware to understand that even if they pay the ransom demand, they will still incur significant IT costs and delays in fixing their systems,” Neuman said. “Best course of action is not to pay the ransom – restore the system from backup.”
He added: “There is no reason to believe that even if the ransom is paid, criminals will actually delete the leaked data.”
Attempts to leak data were one element of the attack on LA Unified. Another involved trying to disable regional computer systems, making them inaccessible.
Although both parts of the attack were only partially successful, full recovery was difficult. For example, information on Tuesday’s Board of Education meeting was released through a makeshift, cumbersome web page. Campuses reopened on schedule Tuesday after Labor Day, but many students, parents and staff said they lost a full teaching or work week as technicians double-checked and gradually rebooted systems and users reset more than 600,000 passwords.
along the way, School district finds malware Attackers are left behind, potentially wreaking more havoc if undetected and carefully disabled.
Carvalho described the malware as “a digital tripwire left behind that, if tripped, will further disable or infect the system.” The discovery led to delays in resetting the district’s password, in part due to concerns that new passwords could also be stolen.
The second week after the attack, operations unfolded more smoothly, even as technicians struggled to restore LA Unified’s online system for handling procurement and the bidding process for suppliers and construction projects.
Although recently Audit points out huge flaws LA Unified is far from alone when it comes to school district cybersecurity.
“The only unusual thing about this attack is that it involved the second largest district in the country. Putting that fact aside, unfortunately, such incidents are all too common,” said Brett Callow, a threat analyst at cybersecurity firm Emsisoft. “Already this year, 25 other districts and 425 schools have found themselves in the same position as LAUSD.”
Most of these incidents resulted in the leakage of stolen data online.
One Websites that track reported cyber attacks A county education office in California recently paid a ransom of $400,000.
Los Angeles Unified Attack associated with criminal groups It claims to be the Guilty Society, although authorities refuse to confirm it.