Cyber Incident Victim: Ouachita Parish School District
Date:
Jul 2019
Location:
United States of America
Summary
A ransomware attack impacted three school districts in North Louisiana, including Ouachita Parish School District, causing widespread IT network outages and encrypting critical files. The state governor declared an emergency, activating a coordinated response involving cybersecurity experts from multiple agencies to expedite recovery efforts. This marked the second instance of a US governor invoking emergency powers for a cyberattack, uniquely prioritizing direct technical assistance through a pre-established Cybersecurity Commission formed after prior global ransomware incidents. The declaration facilitated resource mobilization to restore operations before the upcoming academic term, reflecting heightened preparedness against such threats.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late July 2019, three school districts in North Louisiana, including Ouachita Parish School District, suffered simultaneous ransomware attacks that disrupted their IT operations. The attacks encrypted files and rendered critical systems inaccessible, forcing all three districts to take their networks offline. This incident occurred just weeks before the scheduled start of the new academic year, threatening to delay school preparations. Local media reported the complete shutdown of IT infrastructure across the affected districts, though specific technical details about the ransomware variant or initial infection vector were not disclosed in public reports. The coordinated nature of the attacks across geographically proximate school systems suggested a targeted campaign against educational institutions in the region.
Louisiana Governor John Bel Edwards responded by declaring a statewide emergency on July 25, 2019 – only the second such declaration for a cyberattack in U.S. history following Colorado's 2018 incident. The emergency proclamation activated a coordinated response through Louisiana's pre-established Cybersecurity Commission, created in December 2017 following global ransomware outbreaks like WannaCry. State resources deployed included cybersecurity teams from the Louisiana National Guard, Louisiana State Police, the Governor's Office of Homeland Security and Emergency Preparedness (GOHSEP), and the Office of Technology Services. This multi-agency effort focused on forensic analysis, system recovery, and restoring operations before the upcoming school year. The emergency declaration remained active until August 21 or until recovery concluded, whichever came first. Governor Edwards emphasized the commission's role in enabling rapid response, stating it positioned the state to effectively assist local governments against such threats. While the declaration facilitated resource mobilization, no information was disclosed regarding ransom demands, payment, or data theft related to the school district attacks.