Howard University, one of the largest historic black colleges in the country, said it would cancel classes on the second day this week as it continues to investigate a ransomware attack that shut down its network over a long holiday weekend. The attack is a reminder that educational institutions, which have become increasingly digital in times of crisis, still have cyber security issues at the beginning of the school year and at the time of personal reopening.
The university closed its DC campus to all except essential staff on Tuesday and announced on Wednesday that classes for online and hybrid graduate students would be canceled. Individuals wanted to pursue undergraduate, graduate, vocational and clinical courses.
“We are currently working with leading external forensic experts and law enforcement to conduct a full investigation into the incident and its consequences,” the administrator said. Legislation. “To date, there is no evidence of personal information being accessed or leaked; However, our investigation is ongoing, and we are working to clarify the facts surrounding what happened and what information was entered. ”
The ransomware attack was discovered on Friday and the university’s cyber response plan was launched. Officials are asking students, “Please consider a solution after such an incident occurs, it’s a long way – not an overnight solution.”
Expert Has been warned Preparing the academic community for cyber threats, in both university and K-12 schools, as the semester grows. Earlier this year, the University of California and Stanford University School of Medicine Nationwide ransomware attack Which targeted a third party vendor contracted by the schools.
Doug Levin, director of the K12 Security Information Exchange, says, “Experiencing an outbreak of ransomware on your network is probably the worst situation for an educational institution today. “This is the kind of phenomenon that keeps most ITs going at night because the consequences are so serious on the functioning of the organization.”
The timing of the attack सह with the busy season at school cannot be coincidental. Criminals often escalate ransomware attacks in the third quarter to increase their chances of being paid, another expert says.
Brett Callo, a threat analyst at security firm Emsisoft, says, “When students return to or start going back to class, schools are under pressure to resolve incidents quickly – and that could mean they are more likely to be paid.” The Daily Beast.
Coming back to normal
After an organization shuts down its network due to a ransomware attack, Levin says investigators should begin the process of identifying the type of malware activated and where the system is lacking. In cases where file backups are of good quality, it may take a few more days to restore the system.
In the face of a cyber attack on Howard University, the IT team can spend weeks normalizing things. Ransomware victims who have been caught without a plan will suffer disastrous consequences if they do not have a response plan, Levin says.
Recently a pair of researchers 3,880 is estimated Schools and universities have experienced ransomware attacks since 2018, spending billions on downtime and ransom payments.
Says Levine, “It is recommended that all educational institutions develop response plans for physical events such as school shooters or weather events. “Everyone knows their roles and responsibilities and you’re working through that playbook.”
Levin goes on to say that even if some ransomware gangs decide to target places like hospitals or schools during outbreaks, criminals will go after everyone they feel unsafe. If they succeed in attacking a school or college, they are more likely to do so again.
“A lot of people who don’t follow that closely believe that school districts and universities aren’t the target of cyber attacks, and that’s not the case anymore,” he says. “It’s not just the IT teams, but the school district and university leaders who have really looked at these risks holistically and come up with a plan to mitigate these risks.”