Federal law enforcement issued a warning late Tuesday that they expect ransomware attacks on school systems to increase as the new school year begins.
The notice — issued by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and MS-ISAC, a nonprofit organization that shares cyber threats — warned that “criminal ransomware groups perceive opportunities for successful attacks.”
The warning specifies that one particular group called the Vice Society is “disproportionately targeting the education sector with ransomware attacks.”
The Vice Society has been identified “through FBI investigations as recently as September 2022,” officials said.
The warning is timely, as criminal hackers have recently targeted U.S. school districts, including the nation’s second-largest school district — the Los Angeles Unified School Department, which fell victim to a ransomware attack over the weekend.
Hackers infected the district’s computer networks with malicious software, locking up files and demanding a ransom payment.
The district’s IT team recognized the attempted hack and shut down the system to prevent further data compromise.
While classes in Los Angeles continued unaffected, the attack caused a “significant disruption” to the school district and some of its services, the district announced.
“It’s undeniable that, if we had not number one detected this anomaly, and responded by alerting our law enforcement partners, and brought in all the extra police that we have brought on board so quickly, it could have been a catastrophic set of circumstances that we would be facing today,” said Alberto Carvalho, the Superintendent of Los Angeles’ schools.
Ransomware hackers often go after computer networks tied to essential services, especially if they do not have strong cybersecurity protections, making school districts prime targets.
At least 26 U.S. school districts have been infected with ransomware so far in 2022, with seven of those incidents coming since the beginning of August, according to Recorded Future, a cybersecurity company.
An NBC News investigation from 2021 found that ransomware groups had published sensitive personal data on American schoolchildren from more than 1,200 schools.
The Mansfield Independent School District was recently targeted in a ransomware attack. Late last month, hackers were able to get control of the district’s system, forcing a shutdown.
Mansfield ISD did not respond to questions about whether it had to pay to regain control of its system.
The notice issued Tuesday warns that smaller school districts are the most vulnerable because they have the least resources to prevent attacks.
“School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk. K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers,” the bulletin says.