Hackers have recently targeted U.S. school districts and will likely continue to escalate their attacks this school year, federal agencies warned Tuesday.
The alert – issued by the FBI, the Cybersecurity and Infrastructure Security Agency and MS-ISAC, a non-profit organization that shares cyber threats – warned that “attacks may increase as the 2022/2023 school year begins and that criminal ransomware groups perceive opportunities for success.” attacks. »
“School districts with limited cybersecurity capabilities and limited resources are often the most vulnerable; however, the opportunistic targeting often seen with cybercriminals can still put school districts with robust cybersecurity programs at risk,” the group added.
The alert comes after the Los Angeles Unified School District, one of the largest school districts in the United States, announced late Monday that it had been infected with ransomware. Hackers infected the district’s computer networks with malware, blocking files and demanding ransom payments.
Although classes in Los Angeles were not canceled, the attack caused “significant disruption” to the school district and some of its departments, the district said.
Ransomware hackers often attack computer networks related to essential services, especially if they lack strong cybersecurity protections, making school districts a ripe target. In some cases, this leads to schools closing without notice, forcing parents to make contingency plans to monitor their children.
At least 26 US school districts have been infected with ransomware so far in 2022, with seven such incidents occurring since the start of August, according to a count kept by cybersecurity firm Recorded Future.
The Biden administration officially made ransomware a priority concern in May 2021, after hackers locked down computer networks belonging to Colonial Pipeline, leading to gas shortages. Since then, there have not been such large ransomware attacks on energy infrastructure.
But ransomware attacks on school districts as well as healthcare facilities, which fall under the Department of Homeland Security’s definition of critical infrastructure, have continued, said Brett Callow, ransomware analyst at Emsisoft, a specialist firm. in responding to ransomware attacks.
“I suspect the actors are avoiding US targets that they believe are likely to attract the attention of US Cyber Command or put them in the crosshairs of US law enforcement,” Callow said.
Ransomware attacks on schools also risk giving hackers access to children’s personal information, the government has warned.
“K-12 schools may be considered particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers,” the government alert said.
A 2021 NBC News investigation found that ransomware groups had released sensitive personal data about American school children at more than 1,200 schools.