An assault on Las Cruces Public Schools forced the district to shut down the entire computer system to stop the infection.
It is now no longer possible to exchange information with schools as email and other forms of computer-based communications are not possible.
Speedy Intervention doesn’t Save the Day
The district has activated the crisis response team and is restoring critical services. At this point, it is unclear how long the systems will run.
Early Tuesday morning (7 a.m.) the IT department discovered that some servers were compromise and reacted fast by shutting down the whole district computer system.
District schools can be communicated via telephones and handheld radio stations.
Although the incident is serious, schools have remained open and their activity has not been disrupted.
“We do not believe personnel or student records have been broken or damaged at this time,” District officials said in a Las Cruces Sun News statement.
The New Mexico State University reported on the same local news outlet that its staff did not open any emails from Las Cruces Public Schools (LCPS) that they carry malware.
Additional measures such as blocking access to LCPS direct network and incoming traffic until the situation becomes apparent are put in place.
Schools are Common Targets for Ransomware
It can take significant time to recover from a ransomware attack even when it is caught early. Experts must determine how far the infection spreads, clean and restore systems, check data and recover them from backups, preferably.
Gadsden Independent School District continues to recover, re-establish the e-mail system and restore deleted emails from a Ryuk ransomware attack in mid-July.
This year, Ransomware attacks have been rampant, making victims like never before in government, education, and healthcare entities.
An Emsisoft report released at the beginning of the month reports that there have been 62 incidents involving different education institutions (school districts, colleges, universities) since the start of the year. The potential number of victims is more than 1,000 educational institutions.
A related study by cybersecurity firm Armor states that 54 ransomware attacks have been publicly reported by educational institutions since January 2019. The potential number of schools affected is more than 500.
The explanation for these statistics is that cyber criminals know that targeting public sector organisations have a greater chance of receiving compensation because they are unprepared for threats and must work for public services.