Las Cruces Public Schools targeted in ransomware attack
District says it won’t pay ransom or negotiate at all
Las Cruces Public Schools shut down all of the district’s servers and computer systems following the discovery of ransomware.
Ransomware is a type of malware that restricts access to a computer system and or data until a ransom is paid. The district got a request for “bitcoin” after the attack on Tuesday but not for a specific amount. The district is not paying “any ransom” and “not negotiating at all,” according to Samantha Lewis, public relations coordinator for Las Cruces Public Schools. She also said LCPS is working with local law enforcement investigating the attack.
“At this time we do not believe staff or student data has been breached or compromised,” according to the news release from the district. “We have activated the district crisis response team and central office is maintaining communication with schools and district sites via phone and hand held radios.”
All schools remain open and school events continue as planned. Wi-Fi has been shut down along with all servers at the Las Cruces Public Schools as the IT department works to restore critical services.
“We are treating this like a virus. With that said, we are asking principals, teachers, students that have any district devices as far as laptops, kindles, iPads, just to shut them down completely,” Lewis said.
The district-wide shutdown is expected to remain in effect through the end of the week. As a precaution, the City of Las Cruces is putting all emails from LCPS “on hold until the issue is resolved,” according to Udell Vilgil, communications director for the city.
New Mexico State University is taking “several temporary precautionary measures,” including blocking network access to LCPS, quarantining email from LCPS, blocking access to their network from NMSU and blocking incoming IP addresses from LCPS, according to an email from the NMSU IT department to university staff. As an extra precautionary measure, NMSU staff and students are advised not to open any email from LCPS until the IT department notifies them it is safe to do so.
This year, criminals have targeted a growing number of educational institutions and school district’s across the country with ransomware, according to cyber security firms.