Howard University was forced to cancel classes this week after its network was infected with ransomware.
The Washington D.C.-based college said that its IT team detected “unusual activity” on its systems on Friday, and shut down to investigate the situation.
Howard later added that, “based on the investigation and the information we have to date, we know the University has experienced a ransomware cyberattack.”
Online and hybrid undergraduate classes have been suspended throughout the week. In-person classes at the college’s Washington campus have resumed.
The university confirmed that it is establishing an alternative Wi-Fi system to enable the return of remote classes.
What information has been affected?
According to Howard University’s statement, “there has been no evidence of personal information being accessed or exfiltrated; however, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed.”
This is a common scenario for victims due to the nature of ransomware. Attacks result in the victim being locked out of its computer files, with the attacker displaying a message demanding payment for the decryption keys.
Without access to its systems, it’s almost impossible for a victim to determine the full extent of the damage. However, whether it knows this or not, it is still a data breach, because the term covers not only unauthorized access of sensitive information but also the loss of availability.
It’s a problem many organizations in the US has had to deal with, with the frequency of ransomware attacks surging in recent years. Hospitals, contractors and local governments have all come under attack – but the education sector has perhaps been the biggest target.
A Check Point Research study found that the US education sector saw a 15% increase in cyberattacks in July compared to the average for the first half of the year.
Tackling the threat of ransomware
The US government has been increasingly involved in attempts to help organizations mitigate the risk of ransomware.
Following the attack on Colonial Pipeline, President Biden unveiled an initiative that includes a State Department programme offering a $10 million reward for anyone who provides information that helps prevent or punish ransomware attackers.
The initiative also includes plans to:
- Make it harder for ransomware gangs to transfer funds using cryptocurrency
- Encourage international corporation in combating ransomware
- Help US organizations become more resilient against criminal hacking
Although we may see immediate benefits, a government spokesperson emphasized that this is a long-term project.
“This is a problem that’s built up over a number of years and it’s not something that will be solved in a moment,” the official said. “It won’t be turned off like a light switch. But we’re looking for meaningful, meaningful progress.”
The plans are the first published results of a government-wide effort to address the threat of ransomware, which was first reported in May.
What happens when you come under attack?
These plans demonstrate just how important it is to prioritise the threat of ransomware. Part of that involves considering what will happen when you fall victim – because as we’ve seen time and again, even the most well-funded, well-prepared organizations come under attack.
What you must remember is that the faster you can respond, you smoother your recovery will be.
To help organizations manage this process, IT Governance USA has created its Cyber Security Incident Response Service.
Expert consultants will guide you through every step, from identifying the source of the breach and how to stem the damage to notifying the appropriate people and returning to business as usual.