Ransomware Attackers Target U.S. Colleges and Universities
U.S. colleges and universities are on high alert for cyberattacks. The FBI issued a warning for higher education in March 2021. Even with universities taking steps, several found themselves victims of BlackCat, also known as the ALPHV group.
Ransomware gang BlackCat took credit for a ransomware attack during North Carolina A&T State University’s spring break. A&T is the largest historically black college or university in the U.S. The attack disrupted apps and systems used for instruction and operations. These included wireless platforms used for online classes, single sign-on websites, virtual private networks and Chrome River. Students reported that classes were canceled or moved online, according to the A&T Register, the student newspaper.
BlackCat also claimed credit for a ransomware attack two days later at Florida International University of 1.2TB of data. According to the Record, BlackCat said that the attack involved personal information from students, teachers and staff, including contracts, accounting documents, SSNs and email databases. However, the university has disputed the idea that sensitive information was stolen.
In late April, Austin Peay State University announced a ransomware attack on Twitter. Because of the attack, the school asked everyone to disconnect from the university network. Clarksville Now reported exams were canceled two days after the attack.
According to the Record, six other universities were also targeted by ransomware attacks in April 2022: Ohlone College, Savannah State University, University of Detroit Mercy, Centralia College, Phillips Community College of the University of Arkansas and National University College.
Ransomware attacks in higher education are on the rise. Combine that with the fact that cybersecurity at colleges is extremely challenging. So, institutions should take a look at their budgets before an attack happens and focus on digital defense. In the FBI warning, the agency suggested many best practices for colleges and universities. These include both ways to prevent attacks and how to reduce the impact if one happens, such as:
Universities and colleges view their core mission as educating their students. However, cyberattacks are especially disruptive to everyone on campus, students most of all. Reduce vulnerabilities for ransomware attacks and make sure your campus can get back online quickly. That way, you can put the focus where it should be – on your students.
Jennifer Goforth Gregory is a freelance B2B technology content marketing writer specializing in cybersecurity. Other areas of focus include B2B, finance, tec…
3 min read – In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National…
3 min read – The protection of the SAP systems, as mission-critical applications, is becoming the priority for the most relevant organizations all over the world. The security hardening of SAP systems is key in these uncertain times, where threat actors start seeing SAP…
From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a Defense Industrial Base (DIB) organization’s enterprise network. During that time frame, advanced persistent threat (APT) adversaries used an open-source toolkit called Impacket to breach the environment and further penetrate the organization’s network. Even worse, CISA reported that multiple APT groups may have hacked into the organization’s network. Data breaches such as these are almost always the result of compromised endpoints…
In late April, after weeks of major ransomware attacks, Costa Rica declared a state of emergency. Newly-elected President Rodrigo Chaves took this measure, usually reserved to deal with natural disasters, to free up the government to react more decisively to the incident. The Russian-based Conti gang has claimed they launched the attack. Meanwhile, the U.S. Department of State offered a $10 million reward for information that leads to finding anyone holding a key leadership role in the Conti gang. The…
Malware-as-a-Service is getting easier and easier to access, according to a recent threat report. Self-named the ‘Eternity Project’, this cyber threat group offers services from a Tor website and on their Telegram channel. They sell a wide variety of malware in an organized fashion, including stealer, clipper, worm, miner, ransomware and distributed-denial-of-service bot services. This alarms many security professionals. With Eternity, even inexperienced cyber criminals can target victims with a customized threat offering. Eternity sells malware for $90 to $490.…
Last summer, I noticed password reset notices in my email account that I didn’t send. I quickly realized that I was the victim of an account takeover. This happens when someone illegally gains access to your account, typically through compromised credentials. I changed my email password right away and learned that my passwords to other accounts had already been changed. To make cleanup even more fun, I found out that the attackers had created new accounts using my credentials. Account…
Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.
