Over the weekend the Los Angeles Unified School District (LAUSD), the second-largest school district in the nation, was hit by a ransomware attack that has caused a “significant disruption.”

Classes resumed on Tuesday following the Labor Day holiday, but a number of essential services – such as faculty email, Google Drive access and computer applications such as the Schoology management system – remain unavailable.

LAUSD said in a press release that the technical issues have not been causing issues with transportation, food service or after-school programs, and maintained that systems critical to the district’s daily business operations – such as employee health care and payroll – were not affected. Still, the full impact of the attack remains unknown, and investigations are ongoing. Officials are trying to determine whether any data has been stolen from LAUSD’s systems.

Schools and the healthcare industry are low-hanging fruit for attackers because cybersecurity awareness and protection has not been a high priority, often times, security awareness training for school employees is sitting through an hour-long video or clicking through slides and attesting that you completed the training. That’s not training.”

Steve Tcherchian 
CISO, XYPRO Technologies

Ransomware attacks work by encrypting files on a user’s computer system and then demanding a ransom payment in exchange for the decryption key. These attacks often take a multi-pronged approach, by accessing and then selling stolen data even after the ransom is paid.

Read the article here