Main menu


Is your school ready to fend off cyberattacks? The LAUSD situation is a cautionary tale – Daily Breeze

featured image

School districts these days face huge challenges ranging from the loss of learning during the pandemic to the threat of school shootings. There is another threat that is always lurking. Cyberattacks like the one the LA Unified School District experienced over the weekend on their information technology systems.

When LA teachers, parents, students and leaders bore the brunt of the attack Monday, it begged questions such as: Much of modern education relies on computer technology, so how difficult would it be to run a school properly in such a case? A devastating attack, especially if it lasts a long time?

Can schools and their staff get by without programs used to communicate with each other, not just with students and their parents?

Ashton Potter, director of technology for the Alhambra Unified School District, said cyberattacks are a big concern.

“Alhambra Unified, along with all the school districts in the country, are always prepared for cyberattacks like the ones LAUSD has suffered,” said Potter. “Cybersecurity is a top priority for AUSD, alongside the physical safety of our students and staff.”

Alhambra Unified is prepared for such an attack, however, officials said.

“If you go through a situation like LAUSD, AUSD could work,” Potter said. “Most of the district’s communication tools are cloud-based apps. We back up our internal systems offline daily. We prioritize our time and resources to keep our hardware and software systems up to date. .”

The district’s standby server is used as part of a suite of tools that allow administrators, parents, and students to access student information systems for grades and attendance.

But the nature of attacks is getting more and more sinister, experts suggest.

“One thing we are seeing, especially with ransomware attackers, is that very few ransomware attacks lock down school IT systems and infrastructure, a trend that has emerged over the last few years. said Doug Levin, National Director of K12 Security eXchange (K12 SIX), a non-profit organization founded to protect schools from cybersecurity threats.

The rest of the “story” is that the initial attack involved a massive data breach, he said.

Ransomware attackers can compromise a school district’s IT systems for weeks or even months before launching malware designed to threaten to expose sensitive personal data unless a ransom is paid. There is potential, says Levin.

At risk is the exposure of sensitive data, from information about students, families and teachers to school district business operations.

When school districts didn’t negotiate with ransomware attackers, their data was dumped or sold to crime forums on the dark web. This has led directly to identity theft not only of school staff and adults, but also of students as young as elementary school.

The school district is taking precautions.

Manoj Roychowdhury, deputy director of business services at Hacienda La Puente Unified, said his school district is very aware of the problem.

Roychowdhury pointed to “progressive steps” to strengthen the district’s infrastructure. Firewalls, virtual private networks (VPNs), enhanced data security and monitoring, and extensive employee training are all employed to protect against hackers, Roychowdhury said.

Arturo Ortega, the Azusa Unification Superintendent, added that if his district were to suffer such an attack, it would affect his daily life, but he would be able to overcome it.

“In the last few years, we have definitely become more reliant on educational technology,” he said. “The loss of teaching technology will cause some disruption to our daily work, but we are fortunate to have both digital and hard copies of our student’s curriculum and textbooks.”

He said attendance can be taken by hand and communication with parents can be done by letters sent home.

“Without access to classroom technology, the daily instruction in some classes may look a little different than what students are used to, but we can deliver a great educational program. said Ortega.

His technical manager, Manuel Sanchez, suggested such instances were a sign of the times.

“As the number of online services required to keep school districts operating in the digital world grows, the impact of attacks like the one that impacted LAUSD could have the effect of disrupting operations in ways students, faculty and staff are accustomed to for an extended period of time. It’s been a difficult period.”

“IT departments work hard to prevent attacks like this, but the reality is that criminal gangs are trying to exploit the system.”

These attacks come at a cost, says Levin.

“The short-term cost of responding to an incident is far less than the long-term cost,” he said.

He noted that Baltimore County public schools and Buffalo public schools have suffered cyberattacks in the past two years.

“They reported that their medium-term restoration costs would be around $10 million or more,” he said. “Baltimore County is a larger school district, but not as large as LAUSD. Buffalo is smaller.

“And these are real costs whether or not the district pays the extortion demands. The fact that it happened suggests that considerable work may be needed to ensure that such things do not happen again.”

In this regard, Levin said, this is indeed a wonderful new world for schools.

“For schools that may not have relied heavily on technology in the past few years, in a post-corona world with remote learning on the rise, schools are now doing everything, not just teaching and learning in the classroom. We rely on technology, back-office operations.

In other words, just about anything.

Levin said school districts are very different places when it comes to cybersecurity programs because there is no uniform mandate for schools to provide a certain level of security services.

He also said that getting cybersecurity insurance isn’t easy because insurers have to meet certain criteria to be eligible.

“For example, you may not get cybersecurity insurance unless you put in protections that you know work,” says Levin.

Needless to say, that kind of insurance is very expensive.

“I know school districts that stopped getting insurance because they weren’t eligible or couldn’t afford it,” he said.

Ultimately, LAUSD appeared to have escaped a major breach.

Classes resumed as scheduled at the nation’s second-largest school district on Tuesday following the weekend’s cyberattacks on information technology systems. The attack led to federal investigations and instructions to teachers, staff and students to change passwords in hundreds of thousands of school districts.

According to LAUSD Superintendent Albert Carvalho, the attackers used ransomware, but no confidential student information was compromised, and there is no evidence that Social Security numbers or sensitive health information were compromised. was.

He said the entity attacked the district’s facilities system, which contains information about payments to contractors. Many of them were already published.

All in all, Carvalho said at the morning press conference, “We have a pretty normal school life.”

Yet by 9am, the school’s attendance system was back online, but the school was also manually capturing attendance.

District officials said they were “informed by top technology and cybersecurity experts from the public and private sectors” and immediately established an action plan to provide future protection.

Levin said his advice to school districts is to act before an incident occurs by putting in place better defenses and better policies.

“This is not something we want to reveal after we realize we’ve been compromised in an incident,” Levin said.