Mostly Monday Reads: Cyberattack down in the Reeds

Good Day Sky Dancers!

Today’s topic comes from the Gret state of Lousyana, where many things are backward, including our Senators and most of our Congressional Representatives.  There’s so much news that sometimes something important can sneak up and slap you and ya momma. I had no idea that Higher Education institutions worldwide were increasingly targeted for ransomware and malware attacks. This is especially true since many universities had to go exclusively online during the Covid-19 shutdowns. Now you know too!

Our first attack in this state was last November at a Historically Black College in New Orleans.  Xavier is one of the premier universities in the state. The second big hit came at the beginning of March at Southeastern Louisiana University, where I taught for a few years while finishing my doctorate. Friday, the University of New Orleans got hit.  The cybersecurity folks shut down everything.  I lost access to my students while posting some graded items and assignments. My first thought was, why would anyone target universities in a poor state like Louisiana? Evidently, that was on the minds of a few reporters at the Times-Picayune as I talked to one of their reporters yesterday who had found my Facebook post and my frantic efforts to figure out how to return to pre-internet reality.  Why HBC Southern near Shreveport and not the one here in New Orleans or over in Baton Rouge?  Would we lose three weeks of everything like SELU?  Michael Richmond is the director of technology services for the accounting and technology firm Postlethwaite & Netterville.

Richmond said there isn’t enough information publicly available to tell exactly what kind of attack Southeastern would be facing — whether that be someone accidentally falling for a phishing scam and causing a ransomware attack or some sort of intentional, targeted attack intended to gather specific information.

When it comes to ransomware and phishing scams, Richmond said, the attack is about gathering information valuable to the victim and holding it ransom until they’re paid off, or selling that information off. In the case of a higher education institution, that information could be personal or financial student data.

The reason I’m bringing this up is that I found out that it really is a widespread problem.  There are also significant implications for every state and country if this continues.  It may already be in your country or state, and only the techiest are on top of the problem.  

Higher education has suffered from rising cyber attacks in recent years — the most common type being ransomware attacks, according to Forbes. These attacks cost universities an average of $112,000 in ransom payments, though experts say ransom demands can go into the millions.

Xavier University in New Orleans was hit by a cyber attack last November. The group responsible said it obtained personal data belonging to students and faculty, which it then leaked on the dark web. An email from the university sent to students and faculty after the incident said they’d notify those who might have had their data stolen.

“It can happen to anybody,” Richmond said. “It’s one of the things we see across higher ed, because the collaborative nature [of universities] and the services they provide is counterproductive from a security standpoint. It’s very difficult to walk that fine line between the collaborative nature and cybersecurity.”

A decrepit old abandoned house located in a swamp in Louisiana.

If there is one entity with documentation on everything there is to know about me, it is UNO.  I imagine that’s the same for many faculty, staff, and students. But UNO is also a research university. Some of their work includes quite sensitive information, including one program that focuses on shipbuilding for the US Navy and another that partners with ATT to make progress in three-dimensional simulations.

I went down the rabbit hole, and you’re coming with me if you’d like.  Cyberattacks on Universities all over the world are on the rise. The first source of documented information I found came from the UK, home to some of the most prestigious and oldest universities. “Ransomware attacks are hitting universities hard, and they are feeling the pressure. Cyber criminals are targeting universities with ransomware attacks that are costing millions of pounds, while IT departments are feeling overstretched.”

Schools and universities are facing an unprecedented level of ransomware attacks as incidents continue to severely impact the education sector.

The warning comes from Jisc, a not-for-profit organisation that provides network and IT services to higher education and research institutions. Jisc’s ‘Cyber Impact 2022’ report suggests there’s an increased threat of ransomware attacks against education.

According to the report, dozens of UK universities, colleges and schools have been hit with ransomware attacks since 2020, causing disruptions for staff and students, and costing institutions substantial amounts of money. In some incidents, Jisc says impact costs have exceeded £2 million.

And the attacks keep coming, as the report details how two universities and a further education and skills (FES) provider were hit by separate ransomware attacks during March 2022.

The institutions aren’t specified, but the report says each incident caused a significant impact as systems were taken down to prevent further spread of malware, and to safely recover and restore data. In one case, a third party was called in to help the organisation fully recover from the incident.

According to Jisc, higher education views ransomware and malware as the top cybersecurity threat, followed by phishing and social engineering.

The report suggests that one of the reasons universities have become such a common target for ransomware attacks is because of the pandemic-induced sudden shift to remote working for staff and students that inadvertently left institutions open to attack.

For example, the switch to remote education led to a big rise in the use of remote desktop protocol, which can provide ransomware attackers with a route into networks.

This article elucidates the top 5 sources of cyberattacks on Schools and Universities.  The section on Ransomware gave me the answer to one of my questions.

Ransomware is another major challenge facing colleges and universities today. Ransomware is a type of malicious software that locates valuable data on a target system and holds it for a ransom sum. Colleges and universities hold a large amount of valuable student data, and they also conduct valuable high-level research, which is why so many hackers use ransomware to target them.

A ransomware attack can have devastating consequences for any university. Ransom sums for these attacks can be extremely high and are often financially devastating. Additionally, these attacks compromise valuable data and can even shut down your systems for an extended period of time, making it very difficult to conduct normal operations. On top of that, ransomware can negatively affect a university’s reputation for years to come.

The rougarou, the Cajun cryptid said to haunt Louisiana’s wetlands, is the mascot of a conservation effort for its traditional habitat.

So, a small state with many tight-fisted legislators that would instead do constant tax cuts than infrastructure improvement and protection is just ripe for out-of-date system protections.  In our case, the state cybersecurity folks helped UNO to reopen some systems this morning.  I have contact with my students now and access to my Moodle class support system and the Zoom classroom structure, which I may have to use and keep everyone at home.  I’m not entirely sure if we have physical access to the internet in classrooms.

I was in contact with friend and colleague Dayne Sherman, a library professor and man of many talents like author and saddle restoration, at the start of the SELU cyberattack.  I later discovered that the same type of breach impacted  Michigan-based Lansing Community College and Tennessee State.  He’s been quite vocal about how vulnerable the University was to this type of action and how the administration and the Louisiana University System were unprepared.  Today, he announced that he’s running for SELU President.  You may listen to him and, coincidentally, Phillip Bump of WAPO on political things at Talk Louisiana. He’s working to take on the political cronyism rampant at many universities in the state.

So, here’s the reporter I spoke with, Joni Hess, on “Frustration mounts, questions raised over possible cyber-security breach at five Louisiana schools” 

Kathryn Huff, UNO’s finance instructor, said all her students have her personal phone number and the first thing she’ll do Monday morning is collect alternative email addresses to use while the email network is down.

Students will have to submit paper copies of their work for now, rather than uploading it to Moodle, the popular education platform used to access recorded lectures and monitor grades.

In addition to potential exposure of personal records, Huff hopes she and others quickly regain access to their research and papers loaded into the system over the years.

Nunez Community College spokesperson, Jason Browne, said classes will meet remotely Monday, but the school anticipates a return to normal operations by Tuesday.

Chemin-a-Haut State Park Cypress Cathedral Tree

I am part of this story. I can only imagine the frustration of students. There have been attempts to grab money from student debit accounts with a university or student loans using the old round-up methods devised by in-house hackers in financial institutions back in my banker days. Now, these attacks can come from anywhere.

UNO relayed the news after 6 p.m. Friday evening and said it would provide updates via social media and Privateer alerts, but the school community is raising questions about possible compromises to personal and financial information.

“I wish they’d be more direct,” said Shelby Oliver, a graduate student in the sociology department. Oliver said that although not being able to communicate with all of her instructors is worrisome, she’s mostly concerned about what type of information has been threatened to trigger the response.

State police said “more information may be forthcoming when all forensic investigative efforts are complete.”

Anyway, these kinds of things bring out Miss Marple in me.  Perhaps your alma mater has been breached or will be?

What’s on your reading and blogging list today?