Cybersecurity

Schools warned of increased threat of cyberattacks

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are warning cyberattacks may increase against schools as the academic year begins.

In a joint cybersecurity advisory published on Tuesday, the agencies detailed that a criminal syndicate known as Vice Society is “disproportionately” targeting the education sector with ransomware attacks.

“School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk,” the advisory reads.

The agencies outlined a series of recommendations for school districts to mitigate cyber threats, like maintaining a strong relationship with their local FBI field office and maintaining password standards.

The advisory came after the Los Angeles Unified School District (LAUSD) announced it had experienced a ransomware attack over the weekend.

Schools in the district opened as scheduled on Tuesday following the Labor Day holiday, but school officials said they required all students and employees to reset their passwords.

“I want to thank our students, families and employees for doing their part in the ongoing recovery from this weekend’s cyberattack,” LAUSD Superintendent Alberto Carvalho said in a statement on Tuesday evening. “While all critical systems are now active, it is imperative for our students and employees to reset their passwords to regain access.”

The advisory did not directly tie the LAUSD incident to the Vice Society group, which first appeared in May 2021 and has previously targeted the School District of Elmbrook in Wisconsin and the Savannah College of Art and Design.

The agencies suggested schools take steps like maintaining encrypted, offline backups of data, reviewing the security of their third-party vendors and implementing a recovery plan.

“Impacts from these attacks have ranged from restricted access to networks and data, delayed exams, canceled school days and unauthorized access to and theft of personal information regarding students and staff,” the advisory reads.