Hacker gang that attacked LA school district issues ransom demand to school
Hacker gang that attacked LA school district issues ransom demand to school.
The hackers who hit the district with ransomware over Labor Day weekend have now issued a ransom demand, according to the Los Angeles Unified School District (LAUSD) principal.
Principal Alberto Carvalho told the Los Angeles Times on Tuesday that the hacker had made a request, but the district has not responded, and the school declined to disclose the amount requested.
The publicity of the ransomware attempt represents an inevitable escalation of the ransomware attack that targeted the second largest U.S. school district, and just as students began returning to school after their summer break, and subsequently raised questions about what hackers may have been able to gain access to. Sensitive information issues.
While the attack disrupted some of the school’s email systems and other applications, other critical systems, such as the MiSiS student management system, were restored and brought back online shortly after.
But at a news conference on Wednesday, the principal said hackers likely accessed MiSiS data, including some students’ information.
“We believe that some of the data that was accessed may have some student names, there may be some degree of attendance data, but should not contain personally identifiable information or very sensitive health information or Social Security number information,” Carvalho told local reporters.
While the source of this ransomware attack has not been officially identified, there are many indications that it was carried out by a cyber gang known as the Vice Society.
Shortly after the LA campus attack came to light, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Vice Society ransomware, which specifically targets K-12 institutions in the United States, although the LA campus was not targeted.
The Vice Society blamed the attack in a communication with reporters after CISA issued a cybersecurity warning.
Details released by CISA describe Vice Society as a “hack, exfiltration and extortion hacking group” that uses a dual extortion tactic: locking down systems and threatening to release data publicly unless a ransom is paid. The group became more active at the start of the school year, when the potential impact of ransomware attacks on schools was greatest, CISA said.
While the latest attack is the only time the Los Angeles school system has been successfully attacked, it has encountered at least one near miss in the past. In the wake of the Labor Day attacks, cybersecurity researchers at Hold Security revealed that they had previously detected devices linked to the school district in a malware botnet, but disclosed the discovery in time to prevent further attacks.