Des Moines Public Schools, the largest school district in Iowa, canceled all classes on Tuesday after taking all networked systems offline in response to “unusual activity” detected on its network one day before.
The announcement that all classes will be canceled on January 10 was published on Monday when the district added that athletics and activities were still scheduled to take place.
“Earlier this morning, DMPS was alerted to a cyber security incident on its technology network. As a preemptive measure the school district’s internet and network services were taken offline as the matter is currently being investigated and assessed,” Des Moines Public Schools said on Monday.
“Because many technology tools that support both classroom learning as well as the management and operation of the school district are not available at this time, the prudent decision is to close the district for the day.”
As Iowa’s largest school district, Des Moines Public Schools has more than 5,000 employees and enrolls more than 31,000 students from preschool through high school in over 60 schools.
A Des Moines Public Schools spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
While the nature of the incident is yet to be revealed, other Iowa school districts, including the Cedar Rapids Community School District, the Davenport Community School District, and the Linn-Mar Community School District, have been targeted in recent ransomware attacks in 2022, according to Des Moines Register.
Ransomware hit 89 organizations in the U.S. education sector last year, including 44 universities and colleges and 45 school districts, with the attackers having stolen data from the victims’ networks in at least 58 of these attacks, according to cybersecurity company Emsisoft.
One of the victims was the Los Angeles Unified School District (LAUSD), the second largest school district in the United States, in an attack claimed by the Vice Society ransomware gang, which also leaked data stolen from LAUSD’s network one month later.
The day LAUSD disclosed the incident and days before the ransomware gang claimed the attack, the FBI, CISA, and MS-ISAC issued a joint advisory warning that Vice Society was increasingly targeting U.S. school districts.
Attacks on the education sector, have had a massive impact on school and university operations, from restricted access to data and their networks, delayed exams and canceled school days to the theft of personal information belonging to school staff and students.
In November 2021, several U.S. senators urged the U.S. Departments of Education and Homeland Security to bolster cybersecurity protections at K-12 schools across the country so they can keep up with the massive wave of ransomware attacks.
Source: https://www.bleepingcomputer.com/news/security/iowa-s-largest-school-district-cancels-classes-after-cyberattack/