Ransomware hits Las Cruces school servers, prompts shutdown

LAS CRUCES – A ransomware attack prompted a shutdown of computers and internet servers across Las Cruces Public Schools Tuesday.

The district said in a statement that officials identified ransomware on some district servers early Tuesday morning, and initiated “a district-wide shut down” in order to contain the virus. 

Ransomware is software designed to lock access to computer or data systems until a ransom is paid, and is often spread by visiting infected websites or by opening “phishing” emails, according to the U.S. Department of Homeland Security.

“At this time we do not believe staff or student data has been breached or compromised.,” the district said in its statement. “We have activated the district crisis response team and central office is maintaining communication with schools and district sites via phone and hand held radios.”

The district said schools remained open and operating on regular schedules while the district’s IT department worked to restore service. 

As a precaution, New Mexico State University’s IT department notified university staff Tuesday morning that direct network access to LCPS had been blocked, emails from the school district were being quarantined, and incoming IP addresses from LCPS were blocked. NMSU staff were asked not to open any email from LCPS accounts until IT issued an all clear.

Phishing emails, a frequent cause of infection, attempt to get users to click on links or provide personal information for identity theft or to gain access to a victim’s computer. 

Read more: https://www.lcsun-news.com/story/news/education/lcps/2019/10/29/ransomware-hits-las-cruces-school-servers-prompts-shutdown/2498837001/