Ransomware Breach Halts Classes at Howard University

Washington, D.C.’s Howard University has closed doors in the wake of a full-blown ransomware attack prompting the school to go for a total network shutdown to limit potential damage and investigate the root of the problem.

The attack took place on Sept. 3 reportedly, right before Labor Day weekend, when the HBCU’s system admins spotted some unusual activity that should otherwise not be taking place. To mitigate the potential risks associated with such activity, they shut down the Internet, causing many internal systems to go offline, including all mapped and unmapped network devices, printers, VOIP devices, etc.

Students were encouraged to use the BisonSafe application to keep track of the attack, avoid plugging in their personal computers and reset their old passwords with new, more sophisticated ones. Clocking in at a minimum of 14 characters, the new passwords should include a mixture of uppercase characters, lowercase characters, special (non-alphabetic) symbols and base digits.

Ten Days to Weather the Storm

The institution has yet to reveal any details about how far the ransomware attack went. While the school’s IT specialists slowly started bringing all systems back to life a/o Sept. 13,  it’ll be a while before everything goes back to normal. Moreover, they intend to beef up the university’s network security so that future malware attacks have little to zero chance of success. The restoration of the Wi-Fi signal within the campus, which occurred earlier today, has made everyday operations much more accessible.

The Challenges Ahead

The ransomware attack against Howard University is a warning sign that the ongoing pandemic may not be the only impediment to regular classes. Hacking groups shift their focus from individual targets to government institutions, state facilities, hospitals, and manufacturing plants gradually. Educational entities remain susceptible to such intrusions particularly, due to their generally poor Web security mechanisms and the sensitive personal data they are supposed to keep under wraps. The latter, in turn, often raises the stakes, which is why schools, in general, are more prone to pay the demanded ransom amount rather than risk letting those data go down the drain. Whether or not Howard University has incurred any data loss following the ransomware attack will probably remain unknown, until the ongoing FBI investigation is over.