Between 2016 and 2022, more than 1,600 schools or districts across the country have been affected by ransomware attacks, according to the U.S. Government Accountability Office.
Locally, the most recent cyber attack in Southern California targeted the Glendale Unified School District, prompting officials to advise students and staff to not use their district-issued laptops and Chromebooks while IT crews worked to resolve the ransomware affecting their systems.
The Los Angeles Unified School District was also forced to disable all of its computer systems for several weeks last year after a cyber attack led to the compromise of about 2,000 student assessment records as well as positive COVID test results, driver's license numbers and Social Security numbers, and data from the Long Beach Unified School District was also stolen by a hacker and posted online earlier this year, with hackers gaining access to a list containing student identification numbers, names and their corresponding LBUSD-provided email addresses.
Attacks increased during the COVID-19 pandemic as schools transitioned to remote learning and relying more on IT services, according to Clifford Neuman, a professor of computer science practice at the University of Southern California.
Ransomware attacks have become a common tactic employed by criminals seeking to disrupt the operations of a school district and demanding a ransom in order to stop the attack or provide information needed to recover stolen data, Neuman said.
While Glendale Unified officials work to resolve the matter, Neuman offered a few tips for parents and students to follow in order to prevent any further leaks and keep their personal information safe. These include:
- Be wary of any communications you receive as someone posing as a district official could ask for sensitive information,
- Avoid sharing passwords associated with school accounts, even when prompted through emails or texts messages by school or district officials,
- Do not download unfamiliar software or programs onto school-issued computers,
- After a cyber attack, do not use any laptops or electronics connected to the school's IT system as the malware can infect home or personal networks too.
These cyber attacks can affect school districts from days to weeks, the full recovery sometimes taking months to process with schools facing significant monetary losses with having to replace computers and other hardware, Neuman said.
"LAUSD systems were shut down for period of weeks, which can have greater consequences than the attack by disrupting educational instruction," he said. "But it must be done."
©2023 San Gabriel Valley Tribune, West Covina, Calif. Distributed by Tribune Content Agency, LLC.