Visalia Unified says ransomware attack impacted many of its IT systems but did not release more information about the type of data at risk
VISALIA – Thousands of Visalia Unified teachers, students and staff were locked out of the district’s online software last week during a ransomware attack.
Ransomware is a type of malware, short for malicious software, used for digital blackmail where a person or group hacks into a server and locks out the user threatening to publish the data unless they pay a ransom. Ransomware typically gains access to a server when one of the users clicks a link or downloads a file which in turn downloads a virus locking the user out of their own data.
VUSD said the ransomware attacked happened on the morning of May 18 and impacted the operation of the district’s information technology (IT) systems. Many of the systems were offline for the entire day as the district scrambled to bring them back online as quickly as possible and were able to resume online classes later that day.
“Local and federal law enforcement have been notified and are aware of the incident,” the district said in a May 18 press release. “In addition, the district is working with a cyber security business to mitigate the cyber-attack and restore IT systems back to normal operation.”
By Friday, May 21, Superintendent Tamara Ravalin said the district was still working with third-party specialists to investigate the source of the attack and confirm the impact on VUSD systems. Kim Batty, spokesperson for VUSD, said the district would not be issuing any further details about the attack at this time.
“As the investigation remains ongoing, we encourage the community to refrain from speculating about the event,” Ravalin said. “We appreciate your patience and understanding. As a reminder, class continues for students both in-person and online.”
The Better Business Bureau says ransomware is now a regular occurrence with hackers gaining access through a phishing email which then spreads to other machines on the same network. The ransom is often paid using cryptocurrency, such as Bitcoin, which is harder to track down after it has been paid.
The Institute for Security and Technology, a group of Bay Area business leaders helping build solutions to outpace security risks, launched a Ransomware Task Force comprised of more than 60 experts from software companies, cybersecurity vendors, government agencies, non-profits, and academic institutions. In a report issued last month, the task force said there were nearly 2,400 U.S.-based governments, healthcare facilities, and schools were victims of ransomware in 2020. The average downtown without access to data was 21 days, average days to fully recover was 287 days and the average cost to a business to pay the ransom was $312,500, a 311% increase over 2019.
Better Business Bureau suggests the following cyber hygiene defenses:
- Don’t click on links from unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, delete it. Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
- Keep clean machines and stay up-to-date with software: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
- Use strong authentication, requiring more than a username and password to access accounts, especially critical networks, to prevent access through stolen or hacked credentials.
- Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
- Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.
- Enable popup blockers. Popups are regularly used by scammers to spread malware. Prevent them from appearing in the first place by adjusting your browser settings.