Ransomware attackers target US colleges and universities

US colleges and universities are on high alert for cyberattacks. The FBI issued a warning for higher education in March 2021. Even as universities took action, several found themselves victimized by BlackCat, also known as the ALPHV group.

A wave of attacks in April

The BlackCat ransomware gang took credit for a ransomware attack during North Carolina A&T State University’s spring break. A&T is the largest historically black college or university in the United States. The attack disrupted applications and systems used for training and operations. These included wireless platforms used for online courses, single sign-on websites, virtual private networks, and Chrome River. Students have reported that classes have been canceled or moved online, according to the A&T Register, the student newspaper.

BlackCat also claimed responsibility for a ransomware attack two days later at Florida International University of 1.2TB of data. According to the Record, BlackCat said the attack involved personal information of students, teachers, and staff, including contracts, accounting records, SSNs, and email databases. However, the university disputed the idea that sensitive information was stolen.

At the end of April, Austin Peay State University announced a ransomware attack on Twitter. Due to the attack, the school asked everyone to disconnect from the university network. Clarksville Now reported that exams were canceled two days after the attack.

According to the Record, six other universities were also targeted by ransomware attacks in April 2022: Ohlone College, Savannah State University, University of Detroit Mercy, Centralia College, Phillips Community College at the University of Arkansas, and National University College. .

Reduce the risk of ransomware

Ransomware attacks in higher education are on the rise. Combine that with the fact that cybersecurity in colleges is extremely difficult. Thus, institutions should review their budgets before an attack occurs and focus on digital defense. In the FBI warning, the agency suggested many best practices for colleges and universities. These include both ways to prevent attacks and reduce the impact if they do occur, such as:

  • Back up all data with offline password protected copies
  • Use multi-factor authentication for all users accessing the network, applications, and systems
  • Install all updates and patches for all systems
  • Change network and system passwords often
  • Install and update anti-virus and anti-malware applications on all hosts
  • Disable hyperlinks in all emails sent through the network. This reduces the chances of staff, faculty, and students clicking on a phishing link.

Universities and colleges see their primary mission as educating their students. However, cyberattacks are particularly disruptive to everyone on campus, students in particular. Reduce vulnerabilities to ransomware attacks and ensure your campus can get back online quickly. This way you can put the focus where it should be – on your students.