Ransomware attacks on schools in the US may increase as children return to school and cybercriminals see more extortion opportunities, federal officials warned on Tuesday as the Los Angeles Unified School District grappled with a significant ransomware attack.
A ransomware gang known as Vice Society, which emerged last year, has been “disproportionately targeting the education sector with ransomware attacks,” said the public advisory from the FBI, US Cybersecurity and Infrastructure Security Agency, and the MS-ISAC, a cyberthreat-sharing body.
Schools with limited cybersecurity resources are often the most vulnerable to ransomware, federal officials said, but even well-defended school systems can be at risk to opportunistic hackers.
K-12 schools “may be seen as particularly lucrative targets” because of the sensitive student data stored on school systems or through third-party tech companies, the advisory said.
The warning comes as the Los Angeles Unified School District, one of the largest in the US, experienced a ransomware attack over Labor Day weekend that the district said caused “significant disruption” to computer systems but did not cancel classes.
It’s unclear who was responsible for the breach of the school district’s computers. CNN has reached out to the school district for comment.
Ransomware attacks have been an added worry for school administrators already struggling to deal with the coronavirus pandemic.
The ransomware attack on the Los Angeles school district is the 50th this year on the US education sector, according to a tally by cybersecurity firm Emsisoft.
A predominantly Black college in Illinois was forced to close in May after a pandemic-induced drop in admissions and fallout from ransomware attack on its computer systems.
A separate ransomware attack in January forced the Albuquerque, New Mexico, public school system – comprised of more than 140 public schools – to close for two days because the hack affected systems that host information on emergency contacts for students and adults who are authorized to pick students up from school.
That same month, another ransomware attack on a software provider affected the websites of about 5,000 schools, mostly in the US, that used the software.
The Government Accountability Office, a federal auditor, has called on the Department of Education to do more to protect schools from hacking threats.