informa
1 MIN READ
Quick Hits

As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks

Hours after Los Angeles Unified School District was hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.

As the school year kicks off across the country, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to districts that threat actor group Vice Society is targeting their systems.

The notice comes just hours after the Los Angeles Unified School District confirmed it was the target of a successful ransomware attack over the weekend. The K-12 school district, the second-largest in the US, has not yet recovered its systems fully, with its main student portal login page out of service, according to local parents speaking to Dark Reading. A district voicemail instructed parents to reset their students' passwords in person or via calling a telephone line, which was seeing hold times of greater than half an hour this morning, parents reported.

"Since the identification of the incident, which is likely criminal in nature, we continue to assess the situation with law enforcement agencies," the LAUSD said in a statement.

CISA explained school districts are attractive targets for ransomware operators because of their vast troves of personal student data stored in their systems.

The advisory added that Vice Society activity can be traced back to summer 2021, and that the group uses a variety of ransomware variants including Hello Kitty/Five Hands, Zeppelin, and others.

Editors' Choice
Haris Pylarinos, Founder and CEO, Hack The Box
Robert Lemos, Contributing Writer, Dark Reading