Ransomware Targets Higher Education Institutions
Three Educational Institutions Hit by Ransomware over Three Months.
Higher education institutions may be regarded as out-of-scope targets for ransomware operators, however, the trends show that things are quite the opposite. Three distinct colleges have been hit with ransomware. These are North Carolina A&T University, Austin Peay State University, and Lincoln College, with the cyberattack on the latter resulting in the college closure.
Lincoln College Closes Following Ransomware Attack
After 157 years of activity, Lincoln college had to be closed because of ransomware: from being initially impacted by the pandemic which directly affected its ability to perform recruiting and fundraising to a December ransomware attack which left the institution with no access to critical information. This resulted in a decrease in its chances to find new students.
On the Lincoln colleges website, there is a notice that reads
All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester.
Austin Peay Hit with Cyberattack
Austin Peay State University announced on April 27 on Twitter that it had been impacted by a ransomware attack.
APSU ALERT: Ransom ware attack. THIS IS NOT A TEST. SHUT DOWN ALL COMPUTERS NOW!
— Austin Peay State University (@austinpeay) April 27, 2022
Its systems went offline for 3 days, but they were restored afterwards. Allegedly the ransomware made its way into the college’s network using phishing emails as an entry point, as students were advised to beware of suspicious links.
The Governor’s student body even issued a petition to postpone the final exams because of these events.
BlackCat Ransomware Targets North Carolina A&T
According to TechRepublic, North Carolina A&T University was also targeted with ransomware by the ALPHV/BlackCat gang. The school was on Spring Break when the threat actors managed to inflict damage on instruction tools, VPN, single sign-on websites, and some schools’ wireless connections as part of their ransomware operation. Allegedly, BlackCat also performed personal data theft, including teachers’ and students’ Social Security numbers. The threat actors also claimed to have got email databases, SQL, financial data, and contracts.
However, what the university officials said in a formal statement was quite different from the threat actors’ claims. The institution declared that no personal data was stolen and that the ransomware attack had an impact only on the schools’ systems.
Chris Clements, vice president of solutions architecture at Cerberus Sentinel, said that:
To remain safe, organizations must adopt a culture of security that builds cybersecurity awareness and protection into all business operations. (…) Doing so as early as possible is much easier than trying to retrofit security best practices into mature and diverse environments. Getting cybersecurity right is a challenging job, but the ever-increasing risk of damage from an attack means that it must be taken seriously to protect organizations from potentially devastating loss.
How Can Heimdal™ Help?
Ransomware is a threat that never ceases to make its presence known, so good cybersecurity solutions are a must nowadays. Choose Heimdal Ransomware Encryption Protection and prevent ransomware before it hits your systems.