Howard University shuts down network after ransomware attack

The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems.

University officials expect full recovery from the incident to take a long time although work is being done to remediate the situation as quickly as possible.

Classes canceled, WiFi down

The attack took offline a large number of university systems, leading to reduced operations. Classes on Tuesday were canceled and the physical campus remained open only to essential employees.

imit and mitigate cybercriminal activity, the university’s Enterprise Technology Services (ETS) shut down the network and started to investigate the issue.

Also Read: Personal Data Websites: 3 Things That You Must Be Informed

WiFi on campus remains unavailable as a result of the attack and the connection will be so until finding the best solution to restore it.

Applications stored in the cloud have not been impacted by the attack and are active and available. Other apps may not be accessible due to ETS’ work to restore systems.

Although the university is working to restore operations, there is no estimate for complete remediation. Officials informed that recovery from a ransomware incident “is a long haul – not an overnight solution.”

“We are currently working with leading external forensic experts and law enforcement to fully investigate the incident and the impact” – Howard University

Based on evidence collected so far, the university says that there is no indication of personal information “being accessed or exfiltrated.”

This is not a definitive conclusion, though, as the investigation continues and it is well known that most ransomware gangs adopted the double-extortion tactic where they also steal data before encrypting it, threatening with leaking the files unless the victim pays for the decryption key.

The university has taken additional steps to increase the protection of all sensitive personal, research, and clinical data against unauthorized encryption.

The FBI has been informed of the situation. The university has also contacted the D.C. city government.

Also Read: PDPA For Companies: Compliance Guide For Singapore Business