Expert Comment: Howard University Cancels Classes After The Ransomware Attack

BACKGROUND:

In response to reports that Washington D.C’s Howard University has canceled classes on Tuesday after being hit by a ransomware attack, cybersecurity experts offer their following comments.

Experts Comments

September 08, 2021
Sam Curry
Chief Security Officer
Cybereason

The recent ransomware attack against Howard University is yet another reminder that no one is immune to being victimized and it isn’t surprising that higher education institutions are targets because they have wide attacks surfaces that are oftentimes poorly secured. With the start of a new school year and millions of students returning to campuses around the world in earnest since the COVID-19 outbreak in 2020, the mindset of the threat actors is likely that colleges will quickly pay the

.....Read More

The recent ransomware attack against Howard University is yet another reminder that no one is immune to being victimized and it isn’t surprising that higher education institutions are targets because they have wide attacks surfaces that are oftentimes poorly secured. With the start of a new school year and millions of students returning to campuses around the world in earnest since the COVID-19 outbreak in 2020, the mindset of the threat actors is likely that colleges will quickly pay the ransom because they want to minimise damages caused by a prolonged lockdown. However, paying a ransom doesn’t guarantee a fast return to normalcy.

In fact, a recent Cybereason study of more than 1,000 businesses showed that 80 percent of businesses that paid a ransom were hit by a second ransomware attack. To Howard University - if you can at all avoid it, don't pay. Paying doesn't make the problem go away, since nearly half don't recover their data correctly, and it will become public anyway. If we have learned anything from the deluge of ransomware attacks in 2021, the public and private sector needs to invest now to ratchet up prevention and detection and improve resilience. We can meet fire with fire. Sure, the threat actors will get in, but so what? We can make that mean nothing. We can slow them down. We can limit what they see. We can ensure fast detection and ejection. We can, in short, make material breaches a thing of the past. So, what if they get a toe hold on the ramparts. We can keep them out of the castle by planning and being smart ahead of time and setting up the right defences.

  Read Less
September 08, 2021
Tim Erlin
VP of Product Management and Strategy
Tripwire

Taking systems offline doesn’t always mean that those specific systems have been affected by ransomware. It may be a bit of a blunt instrument, but turning systems off can prevent ransomware from spreading further.

It’s easy to view the increase in ransomware headlines as a material change in the cybersecurity landscape, but it’s important to remember that ransomware has to announce itself to be successful. Other types of attacks that may use the same methods to infiltrate an organisation

.....Read More

Taking systems offline doesn’t always mean that those specific systems have been affected by ransomware. It may be a bit of a blunt instrument, but turning systems off can prevent ransomware from spreading further.

It’s easy to view the increase in ransomware headlines as a material change in the cybersecurity landscape, but it’s important to remember that ransomware has to announce itself to be successful. Other types of attacks that may use the same methods to infiltrate an organisation don’t ask for a ransom, and can stay hidden while they accomplish their objectives. 

Universities are tough environments to secure. Their populations vary greatly over the course of a year. They accepts all kinds of devices into their networks, both from staff and students. And they change out their users at a high rate as students graduate and matriculate. Not many other IT organisations have to deal with all of these factors.

  Read Less
September 08, 2021
Chris Clements
VP
Cerberus Sentinel

Educational institutions and especially universities are popular targets for ransomware gangs for several reasons. First, they are typically soft targets for cybercriminals to penetrate. Often university departments enjoy independence from each other that can lead to sprawling disparate technology project that can remain unpatched or orphaned with no centralized oversight by IT. Overly permissive access and permissions is another common issue in high education organizations that can easily be

.....Read More

Educational institutions and especially universities are popular targets for ransomware gangs for several reasons. First, they are typically soft targets for cybercriminals to penetrate. Often university departments enjoy independence from each other that can lead to sprawling disparate technology project that can remain unpatched or orphaned with no centralized oversight by IT. Overly permissive access and permissions is another common issue in high education organizations that can easily be exploited by attackers if they gain access to a single user account. Secondly, ransomware gangs know that universities despite being famous for budget issues can produce huge amounts of money to pay ransoms when forced to. This combination of relative ease of compromise and high ability to pay out extortion demands make universities incredibly lucrative targets for cybercriminals.

To protect themselves, educational institutions must adopt a culture of security that understands that risk from cyberattack can cause significant monetary and privacy damages that can have lasting impacts on the organizations ability to deliver education and student’s privacy.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.