California's San Bernardino City Unified School District (SBCUSD) has discovered that cybercriminals recently used ransomware to lock access to district files. The ransomware attack was launched against SBCUSD's computer servers, and these servers are currently inaccessible.
SBCUSD information technology staff notified law enforcement about the ransomware attack Saturday, the San Bernardino Sun reported. District officials are working to address the incident.
The SBCUSD ransomware attack affected the district's computer network. However, SBCUSD student and parent data is secure, and the district's nutrition services and transportation departments were unaffected by the ransomware attack.
SBCUSD student attendance is being logged manually following the ransomware attack. Also, SBCUSD school phone lines are working, but email communications with teachers and staff are currently unavailable.
Are Cybercriminals Targeting School Districts?
In addition to the SBCUSD ransomware attack, cybercriminals recently have launched several cyber attacks against school districts, including:
- Flagstaff (Arizona) Unified School District: Experienced a ransomware attack that forced 15 schools to close for two days last month.
- Rockville Centre (New York) School District: Paid nearly $100,000 to restore its data after cybercriminals used ransomware to encrypt files across its server.
- Scott County Schools (Kentucky): Lost $3.7 million in a phishing scam; Scott County Schools later recovered the stolen funds.
To date, cybercriminals have initiated at least 62 ransomware attacks against school districts this year, research from antimalware and antivirus software provider Emsisoft indicated. Emsisoft also noted that cybercriminals are increasing their ransoms and frequently using email and remote desktop protocol (RDP) attacks to target schools and other organizations.