In September 2021, Howard University revealed they were they victim of a ransomware attack that resulted in cancelled classes. This is the latest in a series of cyberattacks launched upon education establishments.
In terms of the form of attack, ransomware attacks represent the number one cybersecurity threat for universities in the U.S. For example, an analysis of ransomware campaigns against higher education, undertaken by ZDNet, has found that attacks against universities during 2020 were up 100 percent compared to 2019.
In addition, the average ransom demand from this form of attack now stands at $447,000 (in exchange for the decryption key). Most of the attacks occurred in the most populous states of the U.S., like Texas, New York, California and Louisiana and that more than 1,740 schools and colleges were impacted by a ransomware attack in 2020.
With the Howard incident, the University’s Enterprise Technology Services (ETS) detected “unusual activity” on the University’s network, as TechCrunch reports. This led authorities to intentionally shut down the information technology systems in order open up an investigate. This led to a disruption of teaching.
To provide analysis of the incident, Ric Longenecker, CISO at Open Systems, tells Digital Journal the issue presents a growing concern.
Longenecker sets the context as: “Howard University became the latest victim of a ransomware attack. This should come as no surprise, as ransomware attacks are the No. 1 cybersecurity threat for universities.”
There is a reason for this focus upon education, says Longenecker: “These organizations are particularly attractive to bad actors given the wealth of data that schools have – including medical information, social security numbers, addresses, and banking and credit card information.”
With the recent incident, Longenecker acknowledges: “Howard University has done a great job with its response, this still highlights the need for higher education institutions to step up their cybersecurity efforts.”
There is more to do, and Longenecker makes some recommendations: “These organizations can overcome, prevent and combat cyberattacks by leveraging a managed detection and response (MDR) provider. An experienced MDR provider can identify threats and contain them quickly and efficiently before they spread and impact students, faculty and parents.”
Other useful measures include undertaking encryption of all sensitive data, including data both in flight and at rest, which will make it impossible for cybercriminals to read or expose that data in any intelligible form. It is useful to have in place an immutable backup copy of their data.