Howard University Ransomware Attack: Classes Canceled

Howard University Cancels Classes Following Ransomware Attack

Howard University in Washington, D.C. has suspended classes after experiencing a ransomware attack. This makes it the newest educational establishment to fall victim to such an incident.

Incident Discovery and Initial Response

The intrusion was identified on September 3rd, shortly after students had returned for the new academic term. The University’s Enterprise Technology Services (ETS) team noticed anomalous network behavior and proactively shut down systems to begin an investigation.

The university confirmed the attack in a public statement, identifying it as a ransomware cyberattack. While the specifics remain under review – including the identity of the attackers and the ransom amount – initial findings suggest that the personal data of the approximately 9,500 students may not have been compromised.

Ongoing Investigation and Data Security

However, the university emphasized that the investigation is still in progress. Efforts are being made to determine the full extent of the breach and identify any potentially accessed information.

To facilitate a comprehensive assessment of the ransomware’s impact, Howard University has canceled all classes for Tuesday. Access to campus is limited to essential personnel only.

Impact on Campus Resources

Campus Wi-Fi services are currently unavailable during the investigation. Despite this, students and faculty will continue to have access to cloud-based software applications.

The university stated its primary concern is protecting sensitive personal, research, and clinical data. They are collaborating with the FBI and the D.C. city government, and are implementing enhanced security protocols.

Recovery Timeline

University officials cautioned that the recovery process will be extensive and will not be completed quickly. They anticipate a “long haul” for full remediation.

Ransomware Attacks on Educational Institutions

Howard University joins a growing list of educational institutions targeted by ransomware since the beginning of the pandemic. The FBI’s Cyber Division has recently issued warnings about the increasing focus of cybercriminals on schools and universities, driven by the widespread adoption of remote learning.

Last year, the University of California paid $1.14 million to NetWalker hackers to decrypt data encrypted on servers within its School of Medicine. Similarly, the University of Utah paid $457,000 to prevent the release of stolen data following an attack on its network.

Statistics on Attacks in 2021

According to Brett Callow, a threat analyst at Emsisoft, ransomware attacks have disrupted 58 U.S. education organizations and school districts, impacting 830 individual schools, as of last month.

Emsisoft’s data indicates that in 2020, 84 incidents caused disruptions to learning at 1,681 schools, colleges, and universities.