Cybersecurity

Cyber threats to schools aren’t going away

The LAUSD Labor Day hack revealed vulnerabilities in the system—and things are going to get worse.
article cover

Francis Scialabba

· 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Stick ’em up. On September 6, the Los Angeles Unified School District was hit with a ransomware attack that shut down the district’s computer systems and required password changes for 70,000 employees and 540,000 students.

The hackers behind the attack have issued a ransom demand, LAUSD Superintendent Alberto Carvalho told the LA Times last Tuesday, though he didn’t specify the amount nor whether the district intends to pay.

“There has been no response to the demand,” Carvalho said, adding that LAUSD is working on “our ramping up of apps and systems.”

While the district has been getting back on its feet since the attack, it’s been slow going. The district called changing passwords the "biggest challenge" to recovery.

Lying in wait. Director of the Tech + Narrative Lab and a professor at the Pardee Rand Graduate School Todd Richmond noted that in the LAUSD case, what’s most threatening may not even be the attack itself—but rather, what could come after.

“I worry less about the ransomware attacks, and I worry more about the Trojan horses that are being installed for use at a later date,” Richmond told IT Brew.

The Trojan horse attack Richmond warned about is still a concern. The Verge last week reported that LAUSD was the subject of a prior hack in February 2021, one that used a TrickBot Trojan to install ransomware.

According to anti-ransomware platform Halcyon CEO Jon Miller, the presumption can’t be that the attackers are out of the system until it’s been completely secured.

“Even if a victim has backups, they will need weeks and months of expensive recovery and incident response that must be completed to ensure the network is safe to run fully again,” Miller told The Verge.

Size is overrated. Districts around the nation large and small are vulnerable to cyberattacks. With the edtech field growing as schools adopt remote and hybrid approaches to educating students, the potential for security breaches revealing highly sensitive information is increasing.

In a district like LAUSD, which manages hundreds of thousands of users, the larger size might be a hindrance to security, tech analyst Ethan Banks told IT Brew. While the assumption might be that smaller districts are more vulnerable to attacks, that’s not necessarily the case. Larger districts have more to spend on IT professionals, but because smaller institutions rely on consultants and outsourcing security, their data is just as likely to be as safe, if not more so, as that of their bigger counterparts.

“If there's a good IT architect—whether that's a third party to the school district or not—taking care of things, it could be pretty robust,” Banks said.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @EoinHiggins_ on Twitter.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.