Federal agencies issued a warning on Tuesday, September 6, saying that criminal hackers have recently targeted school districts in the United States and will likely continue to escalate their attacks this coming school year, according to CNN.
The Federal Bureau of Investigation (FBI), MS-ISAC, a nonprofit organization that shares cyber threats, and the Cybersecurity and Infrastructure Security Agency issued the alert. They warned that attacks may increase as the 2022-2023 school year starts and criminal ransomware groups grasp opportunities for successful attacks.
The group added that school districts with constrained resources and limited cybersecurity capabilities are often the most vulnerable to attacks. The opportunistic targeting often seen by criminal hackers can still put school districts with robust cybersecurity programs at risk.
Ransomware hackers target LA school district
The alert comes after the Los Angeles Unified School District announced late Monday evening that it had been infected with ransomware. Hackers infected the computer networks of one of the largest school districts in the U.S. with malicious software, locking up their files and demanding a ransom payment.
The district announced that while classes in Los Angeles were not canceled, the attack caused significant disruption to the school district and some of its services, according to the Guardian.
Ransomware hackers often go after computer networks tied to essential services, especially if they are not staffed with strong cybersecurity protections, making school districts a ripe target for cybercriminals. That leads to some schools being closed with little notice, forcing parents to make emergency plans for how to watch their children.
At least 26 school districts in the country have been infected with ransomware in 2022 thus far. According to a tally maintained by Recorded Future, a cybersecurity company, seven of those incidents have come since the start of August.
The administration of President Joe Biden officially made ransomware a high-priority concern in May 2021 after hackers locked up computer networks belonging to Colonial Pipeline, leading to some gas shortages in the U.S. There have not been any such high-profile ransomware attacks on energy infrastructure since then.
Ransomware attacks continue on school districts, health care facilities
Brett Callow, a ransomware analyst at Emsisoft, told NBC News that ransomware attacks on health care facilities and school districts have continued. He suspects that actors may be avoiding the American targets, which they believe would put them in the crosshairs of U.S. law enforcement or attract the attention of U.S. Cyber Command.
The government also warned that ransomware attacks on schools run the risk of giving hackers access to kids' personal information. The government alert said that K-12 institutions might be seen as lucrative targets for hackers due to the amount of sensitive student data accessible through school systems or their managed service providers.
An NBC News investigation back in 2021 found that ransomware groups had published sensitive personal data on American kids from more than 1,200 schools.