Cybersecurity

Howard University Suspends Online, Hybrid Classes After Ransomware Attack

• By Matt Jones
• 09/08/21

Howard University in Washington, D.C., announced this week that its online and hybrid classes have been suspended following a ransomware attack. All university classes were cancelled on Tuesday, Sept. 7, and though in-person classes resumed on Wednesday, remote options remained on hold.

According to a university news release, the university’s IT team noticed “unusual activity” on the school’s network on Friday, Sept. 3. Officials shut down the university network—including campus WiFi—over the three-day weekend in accordance with its cyber response protocol and to “mitigate potential criminal activity.” The release confirmed that the university experienced a ransomware cyberattack and that Enterprise Technology Solutions (ETS) are working to address the incident and resume normal operations.

The university said that it will provide daily status updates to the community. According to Tuesday’s update, the university is “currently working with leading external forensic experts and law enforcement to fully investigate the incident and the impact. To date, there has been no evidence of personal information being accessed or exfiltrated; however, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed.”

The university is in the process of deploying an alternate WiFi system on campus, although officials said that it wouldn’t be ready by Wednesday. In the meantime, the university’s physical campus opened Wednesday to essential employees. Faculty may be able to access online academic modules and apps through wireless hot spots. Both of the university’s dining halls remain open, and nonessential employees have been asked to stay home.

According to the Washington Post, cyberattacks have been increasing recently, and they are especially prevalent during holidays and weekends while offices are closed. The University of California System experienced a cyberattack in spring 2021, and the University of Utah paid a $450,000 ransom to hackers in August 2020.

“There’s been some big-name universities involved. Howard is just the latest one,” said Lisa Plaggemier, National Cyber Security Alliance interim executive director. “Universities can be perceived by bad guys as having deep pockets. As long as people pay the ransom, it’s going to keep happening.”