HeyTutor cited data from the Bureau of Labor Statistics to examine the impact of the pandemic on teacher shortages, exploring new policies and initiatives school districts have put in place to counter this problem. -Canva
The latest cybersecurity incident affecting the beleaguered education sector has been directed to the Los Angeles Unified School District. The education body began notifying contractors that social security numbers, along with other sensitive information, were exposed during a ransomware attack in July 2022.
The District of Los Angeles has provided informationand it appears that an undisclosed number of students enrolled sometime between 2013 and 2016 and some employees during that period appear to have lost information including their date of birth and address.
While the incident occurred many months ago, alerts are only now being sent out to those affected. This last attack also shows again why school districts are an attractive target for threat actors. The issue also indicates why new steps should be taken to prevent the exposure of sensitive information or even the closure of the school.
Considering the importance of the incident for Digital magazine is Stephan Chenette, co-founder and CTO in AttackIQ.
Chenette: Expands why the school sector has proven to be a rich hunting ground for malicious actors: “Educational institutions remain an attractive target for cybercriminals because they store large amounts of valuable personally identifiable information (PII) and often lack critical information. resources for adequate security measures”.
With the specific incident, Chenette considers: “It is unknown how the adversary gained access to school district systems, but it is critical that educational organizations implement security solutions that monitor and scan organization-owned and managed assets for possible vulnerabilities to avoid interruptions”.
Exposing one reason for the vulnerability, Chenette opines: “School districts’ lack of staff and resources to defend against cyberthreats makes them an attractive target for cybercriminals. The consequences of a ransomware attack on underfunded school systems can be crippling, both financially and from data loss.”
There are steps that can be taken to offset these types of issues, Chenette recommends: “To prevent another similar attack, school districts should study the common tactics, techniques, and procedures used by common threat actors, which will help them build a stronger security. detection, prevention, and response programs specifically assigned to those known behaviors.”
Further, Chenette puts the point: “Organizations should use automated solutions that securely validate their defensive controls against ransomware campaigns and techniques to better prepare for the next threat.”
