os Angeles school officials were scrambling Tuesday to respond to a cyberattack on the nation’s second-largest school system with classrooms opening as usual — even as teachers were missing online lesson plans and wondering how to file their attendance.
The seriousness of the attack was underscored by the breadth of the response: Agencies including the FBI and the Department of Homeland Security are involved in the investigation.
The district’s webpage was partially restored by early Tuesday morning, but the Board of Education page, which lists meetings and provides agendas and public reports, was still down.
So far, the L.A. school district has not indicated that data theft of student or employee records is part of the current problems.
An 8 a.m. update advised that all students and employees are required to change their password. The update included a staggered scheduled for this process, with administrators and teachers first, followed by support staff, high school students and finally elementary and middle school students.
“There may be delays due to high demand,” the advisory warned.
The first indication of ongoing disruptions was late Monday night.
“Business operations may be delayed or modified,” the district stated. However, “based on a preliminary analysis of critical business systems, employee healthcare and payroll are not impacted. Nor has the cyber incident impacted safety and emergency mechanisms in place at schools.”
One teacher reported at 7:30 a.m. that she was unable to log in. “Some teachers are under the impression they can change their LAUSD password, then log in, but the password site is down,” said one teacher.
“I am unable to do my job, which is to assure students are present in school,” an attendance counselor reported. “We do have paper attendance we will be collecting, but I would usually call home or go on home visits to find out students’ whereabouts. Unfortunately, with not having access to their information, I will not be able to find out where those students are. As it is, after the pandemic, we have been working hard to find students.”
Besides taking the district’s website offline, the attack eliminated access to email and affected systems that teachers use to post lessons and take attendance.
“Since the identification of the incident, which is likely criminal in nature, we continue to assess the situation with law enforcement agencies,” the district stated in a release Monday night. “While the investigation continues, Los Angeles Unified has swiftly implemented a response protocol to mitigate districtwide disruptions, including access to email, computer systems and applications.”
Officials said they have been working around the clock to solve the multi-layered problem.
“The White House brought together the Department of Education, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to provide rapid, incident response support to Los Angeles Unified, building on the immediate support by local law enforcement agencies,” the district announcement said.
Until late Monday night, no information from the district indicated what was causing the problems. By that time, teachers, parents and students were posting all over social media about technical issues.
When the district acknowledged the attack, officials also announced an array of measures to improve cybersecurity going forward. These measures, the district said, “have been taken, will be taken immediately or will be implemented as soon as feasible.”
The list includes:
- Setting up an independent Information Technology Task Force. It would be charged with developing recommendations within 90 days and providing monthly updates.
- Deploying technical staff across the vast school system to assist with issues that arise in the coming days
- Reorganizing departments and systems “to build coherence and bolster data safeguards”
- Appointing an expert technology advisory council and naming a technology advisor who will focus on security procedures and practices as well as an overall data center operations review
- Adding budget dollars as needed and improving employee training
- Analyzing systems with help from federal and state law enforcement
In recent times, hackers have targeted businesses and public agencies, including schools — seeking ransom or simply to cause mayhem. A notable local attack targeted the Newhall school system in 2020.
Cyberattacks come in various forms, including the theft of private information with the potential to be misused at a later date. In May, the Chicago public school system announced that a massive data breach exposed four years’ worth of records of nearly 500,000 students and just under 60,000 employees.
The attack targeted a company that stored teacher evaluations and basic student information — including dates of birth — but no financial records or Social Security numbers, according to the school system.
A separate recent cyberattack, targeted a company, Illuminate Education, whose clients include L.A. Unified, and whose services, according to its website, reach “more than 17 million students” in 5,200 schools and school districts.
L.A. Unified has had a few major internal computer fails — especially related to intended upgrades. In one instance, the payroll system malfunctioned, resulting in underpayments and overpayments that took years to resolve. In another episode, a new student information system made students’ academic records and class schedules unavailable.
Before the nature of the attack was made clear, a post on the local Parents Supporting Teachers Facebook page suggested making the best of the situation:
“LAUSD staff who thought they’d get some work done today are forced to relax due to a districtwide outage. Enjoy it!”
Parents and teachers reported a variety of problems on social media.
“Apparently everyone I’ve talked to/texted with says when they try to log on they are being instructed to change their Google password, saying it’s outdated… then when they do, it locks them out,” one person reported.
A teacher posted: “Everything that requires an lausd log-[in] is down for the count!!”
Other staff members also reported, referring to the Schoology system that is integral to posting and receiving assignments:
“My computer was logged into both schoology and my drive (before outage) and I have access. I can’t get into other sites and I’m not logging out for fear of being locked out.”
Another teacher had been planning to catch up on Monday: “Confession… I didn’t finish my lesson plans. The only good thing is that I have my Teacher guides downloaded, and all my slides.”
Said another: “EVERYTHING is on google drive. This is very frustrating. Praying my drive is restored!”
This story originally appeared in Los Angeles Times.
Quelle 06092022 1950 https://www.yahoo.com/now/cyberattack-takes-down-l-unified-060418681.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cubGlua2VkaW4uY29tLw&guce_referrer_sig=AQAAALU1afuv6H71cFK3CxiyzlAlevL-V1GiPGZWeBmA_DsuEJNKfSlY-ipmSMRb9PSuF8aPHJJj5kh959SaavpDChc22Tw2tycmqntBiXSuZ_GKp7mBC8UTQPh7DNFwSx7K7cStjEW8Kmvckj9NY_7ehQmKwqgpAmCSNyBbG9v8YY_Q