Three colleges have been victims of cyberattacks in the past three months alone.
While higher education is not generally considered a target industry for ransomware attacks, a trend may be forming. Three different colleges, North Carolina A&T University, Lincoln College, and Austin Peay State University, have all been negatively impacted by these types of cyberattacks, with one even leading to the closure of Lincoln College due to the scale of piracy.
“While there are obviously circumstances beyond the cybersecurity incident at play here, it is also clear that ransomware response and recovery played a significant role in the demise of Lincoln College,” said Tim Erlin, vice president of strategy at Tripwire. “It cost them time, as well as money, to recover. In this case, time equaled the possibility of perhaps righting the ship and saving the institution. When you’re already struggling, losing access to operationally important systems for more than a month can easily be the death knell.
Lincoln College forced to close
As the most extreme example of a school affected by ransomware, Lincoln College was forced to close permanently after 157 years of operation on May 13. The school was first impacted by the COVID-19 pandemic, limiting the school’s ability to recruit. and raising funds for the private institution. But the fatal blow came after struggles with a severe ransomware attack in December that limited faculty access to important school data, making it even harder for the school to find potential new students and limiting thus the college’s ability to keep its doors open.
According to the notice on the Lincoln College website, “All systems required for recruitment, retention and fundraising efforts were inoperative. Fortunately, no personally identifying information was exposed. When fully restored in March 2022, projections showed large enrollment shortfalls, requiring a donation or transformational partnership to sustain Lincoln College beyond the current semester.
“Cyberattacks such as ransomware can be painful for organizations at the best of times, but as this story shows, for any organization already struggling, they can pose existential threats,” said Chris Clements, vice president solution architecture at Cerberus Sentinel. “As soon as they were announced, the institution was already struggling due to the pandemic, but having critical systems offline for three months during a vital enrollment period may have sealed their fate.”
The Austin Peay cyberattack
On April 27, Austin Peay State University sent the tweet below, indicating that they had also suffered a ransomware attack:
APSU ALERT: Ransomware attack. THIS IS NOT A TEST. SHUT DOWN ALL COMPUTERS NOW!
— Austin Peay State University (@austinpeay) April 27, 2022
The school’s systems have been restored after being offline for three days according to the Austin Peay news page. The ransomware attack is believed to have occurred via phishing emails, as the school’s news site urged students and teachers to beware of potentially dangerous links.
A petition launched by the Governor’s student body to postpone final exams to a later date due to the attack describes the events as “Connectivity on campus and to essential student online services such as One-Stop, Outlook email and One-Drive is compromised. Students who rely on campus for Wi-Fi, the Felix G. Woodward Library, Writing Center, and other resources do not have access.
TO SEE: Mobile Device Security Policy (TechRepublic Premium)
North Carolina A&T targeted by BlackCat
At the end of March, A&T University in North Carolina reportedly suffered a ransomware attack at the hands of the ALPHV/BlackCat hacking group. While school was on spring break, cybercriminals were able to disrupt a number of wireless connections, teaching tools, single sign-on websites, and VPNs as part of the attack. BlackCat allegedly stole personal information as part of the hack, such as teachers’ and students’ social security numbers. Additionally, the hacking group had claimed to have obtained information about the school such as contracts, financial information, SQL and email databases.
In direct contradiction to the hacking group’s statement, university officials said no personal information was stolen and the only aspect of the school impacted by the attack was the institution’s systems. .
“To stay secure, organizations must embrace a culture of security that embeds cybersecurity awareness and protection into all business operations,” Clements said. “It’s much easier to do this as early as possible than trying to modernize security best practices in mature, diverse environments. Getting cybersecurity right is hard work, but the ever-increasing risk of damage from an attack means it must be taken seriously to protect organizations from potentially devastating losses.