Howard University in Washington DC has canceled classes after becoming the latest educational institution to be hit by a Data hijacking attack.
The incident was discovered on September 3, just weeks after the students returned to campus, when the University’s Enterprise Technology Services (ETS) detected “unusual activity” on the University’s network and intentionally shut it down to investigate.
“Based on the research and information we have to date, we know that the University has suffered a ransomware cyberattack,” the university said. said in a statement. While some details remain unclear – who is behind the attack or how much of the ransom was demanded – is unknown, Howard University said there is so far no evidence to suggest that personal data of its 9,500 undergraduate students has been accessed or exfiltrated. and graduate.
“However, our investigation is ongoing and we continue working to clarify the facts surrounding what happened and the information that has been accessed,” the statement said.
To allow its IT team to fully assess the impact of the ransomware attack, Howard University canceled classes Tuesday, opening its campus to only essential employees. Campus Wi-Fi will also be inactive while the investigation is taking place, though cloud-based software it will remain available to students and teachers.
“This is a very dynamic situation, and our priority is to protect all sensitive personal, clinical and research data,” the university said. “We are in contact with the FBI and the DC city government, and we are installing additional security measures to further protect the University’s personal data and yours from any criminal encryption.”
But the university warned that such remediation will be “a long road, not an overnight solution.”
Howard University is the latest in a long line of educational institutions that have been affected by ransomware since the start of the pandemic, and the FBI’s Cyber Division recently warned that cybercriminals using this type of attack are primarily targeting in schools and universities due to widespread change. for remote learning. Last year, the University of California paid $ 1.14 million for NetWalker hackers after they encrypted data within its Medical School servers, and the University of Utah paid the hackers $ 457,000 to prevent them from releasing stolen data during an attack on its network.
According to Emsisoft Threat Analyst Brett Callow last month, Ransomware attacks have disrupted 58 US educational organizations and school districts, including 830 individual schools, so far in 2021. Emsisoft estimates that in 2020, 84 incidents disrupted learning across 1,681 individual schools, colleges and universities.
“We are likely to see a significant increase in education sector incidents in the coming weeks,” Callow tweeted on Tuesday.