John Paul M. Joaquin Tech 09.06.2022 22:Sep PM EDT

The Los Angeles Unified School District Falls Victim to Ransomware Attack

The second largest school district in the US is going through a significant IT disruption.

The Los Angeles Unified School District (LAUSD) has recently been the victim of a cyberattack that caused considerable levels of disruption to the school district's IT system just when classes are back in session.

Despite the cyberattack, classes will still proceed as usual, though business operations could experience delays or modifications.

LAUSD Cyberattack Details

The LAUSD mentioned in its announcement on its official website that it detected the cyberattack, which started as "unusual activity" in its IT systems, over Labor Day weekend.

Engadget mentioned in its report that the attack took place on Saturday, Sept. 3.

Officials said that cyber criminals who initiated the attack appear to have targeted the facilities systems, which involves information about private-sector contractor payments, per The Guardian.

Additionally, LA schools Supt. Alberto Carvalho said that the cybercriminals carried out the attack with a "ransomware tool," though the district has not received a ransom demand for stolen data, if there are any, per the LA Times.

However, the data the cybercriminals are looking to take are publicly available through records requests rather than confidential details like payroll, health, and other data.

Authorities also believe that the attack originated internationally, adding that they have already identified three possible countries where the attack originated from.

However, Carvalho did not disclose which countries are being suspected.

The cyberattack is currently being investigated by the FBI, the Department of Homeland Security, and local law enforcement.

LAUSD's Response To The Cyberattack

When the nature of the unusual activity, the district said it "swiftly implemented" a response protocol to mitigate districtwide disruptions to email access, computer systems, and applications.

This response protocol is to shut down many of the district's most sensitive platforms during the attack, which was able to restrict the cyberattack's potential damage to the district's systems.

"That was the right call at the right moment," Carvalho said.

As a result, the cyberattack didn't cause any inconveniences to the operations of the schools within the district for the most part.

Classes will also proceed, as usual, meaning that the 600,000 students within the LAUSD will still be going to school to attend the first day of classes in the new school year.

The LAUSD also added that non-school safety and emergency systems weren't affected by the attack. Employee payroll, transportation, food, Beyond the Bell services, and health care networks also remain unaffected.

However, there are some parts of the district's IT systems that were affected by the cyberattack. Some business operations may be delayed or modified to compensate for the delay caused by the attack.

Additionally, staff and students have lost access to their emails, while teachers lost the systems they use to post lessons and take attendance. Fortunately, no Social Security Numbers or medical information was stolen.

Everyone connected to the LAUSD's systems is advised to change their passwords. However, students in the district's full-time remote learning program can use the district tech-help hotline for support, though Carvalho mentioned that the wait could be long.