The hackers who hit the Los Angeles Unified School District (LAUSD) with ransomware have now made ransom demands on Labor Day weekend, the district superintendent said.
On Tuesday, Chief Inspector Alberto Carvalho told the Los Angeles Times that a request had been made, but the district had not responded. Carvalho declined to disclose the amount requested.
The extortion attempt represents an inevitable escalation of the ransomware attack – which targeted the country’s second-largest school district just as students began to return after the summer break – and raises questions about what sensitive information the hackers may have been able to obtain. to acquire.
While the attack disrupted some of the school’s email systems and other applications, other critical systems, such as the MiSiS student management system, were restored and put back online shortly afterwards. But at a news conference held Wednesday, Carvalho said the hackers likely had access to MiSiS data, including certain information about students.
“We believe that some of the data accessed may have some student names, some degree of attendance, but most likely will not contain any personally identifiable information or highly sensitive health information or Social Security number information,” Carvalho told local reporters. , as quoted by Deadline.
Although the ransomware attack has not been officially attributed, there are many signs that it was carried out by a cyber gang known as Vice Society. Shortly after the LAUSD attack came to light, the Cybersecurity and Infrastructure Security Agency (CISA) warned of Vice Society ransomware specifically targeting K-12 institutions in the US, though the LA school district was not identified as a target. . Following CISA’s advice on cybersecurity, Vice Society took credit for the attack in communication with journalists.
Details published by CISA describe Vice Society as a “burglary, exfiltration and extortion hacking group” that used dual extortion tactics: locking down systems and threatening to release data publicly unless a ransom is paid. The group became more actively in sync with the start of the academic year, CISA said, when the potential impact of ransomware attacks on schools was greatest.
While the recent attack is the only time the LA school system has been attacked successfully, there has been at least one near miss in the past. In the wake of the Labor Day attack, cybersecurity researchers at Hold Security revealed that they had previously detected a device linked to the school district within a malware botnet, but disclosed the findings in time to prevent further attacks.
Janice has been with businesskinda for 5 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider businesskinda team, Janice seeks to understand an audience before creating memorable, persuasive copy.