BATON ROUGE, La. (LOCAL 33) (FOX 44) — Tangipahoa Parish school officials took emails and phones offline Monday, to limit a cybersecurity threat similar to what three North Louisiana public school districts faced last week.
The ongoing threats prompted Gov. John Bel Edwards to file the state’s first-ever software-related emergency declaration. The governor’s move activates the cyber response team he formed in 2017, which includes officials from Louisiana State Police, the Louisiana National Guard and the Governor’s Office of Homeland Security and Emergency Preparedness.
“Teams are displaced across the state, working hand-in-glove in as choreographed a fashion as they can.” said Stephenson National Center for Security Research executive director Jeff Moulton, who is based at LSU and oversees the multi-agency panel. “But as you can imagine, every single network is different, so every solution is going to be unique.”
The most prevalent threat against school districts in Morehouse, Sabine, Ouachita and Tangipahoa parishes has been ransomware. The software lets digital thieves lock users out of data unless ransom is paid.
“This is a network version of an injury,” Moulton said. “This could be a tornado, a hurricane, an earthquake in California — just a digital version of it.”
Hackers often target local government offices because many of them lack cyber protections. The inconvenience of public attacks has led some agencies to pay up more quickly, which Moulton argues does not always ease woes.
“Just because you pay the ransom doesn’t mean you get your data unencrypted,” he said. “A lot of time paying your ransom is a lost cause. The bad guys get richer, you get more frustrated, and you end up doing what we’re doing right now, rebuilding the system from scratch.”
Moulton declined to say whether any Louisiana government agencies have paid ransoms, nor would he say whether the affected school districts are now free of threats.
Public schools are not the only government centers at risk of ransomware invasions. The Colorado Department of Transportation issued an emergency declaration following an attack on their servers in 2018.
“What hackers look for is any type of information they can sell,” said Andrea Bryant, a territory manager at Check Point Software Technologies. “For example, healthcare institutions have Social Security numbers, dates of birth, probably your credit card as well.”
Exactly how long Edwards’ emergency declaration will last remains unclear. Members of the state-run cybersecurity team plan to meet a few times a week until the malware threat subsides.
“The faster we can stop the bleeding, the better off we are,” Moulton said.
Cybersecurity experts urge users to implement a two-factor authentication system, back up sensitive data manually, and avoid opening suspicious links or email attachments.