A cyberattack on Los Angeles Valley College over the holidays locked down a variety of the school’s IT systems just as students were returning for the new year. The major disruption prompted the L.A. Community College District to pay a Bitcoin ransom last week that amounted to approximately $28,000 in order to meet a hacker’s demands.
According to the Los Angeles Daily News:
While classes that began Tuesday were conducted as usual, 1,800 Valley College administrators and teachers were shut out from hundreds of computers, crippling access to spreadsheets, lesson plans, emails, voicemail, even the LAVC website.
District computer techs soon discovered the culprit: a ransomware virus spread by an anonymous hacker to randomly infect the entire college computer system.
According to information about the attack released by the college, the L.A. Community College District utilized its cybersecurity insurance policy to address the incident and in the early stages of the investigation, no data breach has been identified.
The L.A. County Sheriff’s Department cybersecurity unit has been leading the investigation into the incident, according to the Daily News.
Francisco C. Rodriguez, chancellor of the L.A. Community College District, said in a statement:
“The LA Community College District recently learned of malicious cyber activity targeting Los Angeles Valley College. This attack is believed to have taken place over the holidays and we are working closely with local and federal authorities to learn more about its potential impact. Our top priority in resolving this incident is ensuring that the security and privacy of our students and employees is protected. The District will provide updates as additional details are confirmed. In the meantime, we will continue working with law enforcement on their on-going investigations.”
Los Angeles Valley College is located in L.A.’s Valley Glen district in the San Fernando Valley and has approximately 20,000 students.
The number of ransomware attacks in the U.S. jumped in 2016, with hospitals, educational institutes and law enforcement agencies as prime targets. In the Los Angeles area, these exploitative attacks hit Los Angeles Presbyterian Medical Center and the L.A. County Department of Health Services last winter.
Ransomware attacks are expected to increase and become more sophisticated in 2017—and the amount of the ransom could continue to rise, too.
Better-prepared organizations can limit the impacts of a ransomware attack by frequently backing-up systems and taking other precautions. But as Dark Reading recently wrote: “The ill-prepared organizations that continue to pay ransomware fuel its growth. With each successful ransom, bad actors become more emboldened, more innovative and more profitable.”