Howard University is forced to cancel classes and turn off WiFi in dorms after ransomware cyber attack

Howard University has canceled classes and switched off its internet service after its IT team detected a ransomware cyberattack over the Labor Day weekend. 

 The Washington DC school also closed its campus to all but essential staff and turned off its WiFi connectivity, including in student dorms.

The historically-black college wrote in a press release on Monday that the breach was detected by the university's Enterprise Technology Services, who uncovered 'unusual activity' on the network on Friday and shut it down to investigate. 

In a later update, the school wrote that in-person classes will resume tomorrow and that an alternative WiFi source would be made available on campus. 

But online and hybrid courses will remain suspended. 

'To date, there has been no evidence of personal information being accessed or exfiltrated,' the school assured in the statement.

'However, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed.'

The school gave no indication of when online or hybrid courses would resume.

Executive Vice President Tashni-Ann Dubroy said that the process would be 'a long haul - not an overnight solution.'

The school have not said exactly what activity had triggered the lockdown, what systems may have been compromised, or whether hackers had demanded a ransom. 

Howard University wrote in a press release on Monday that the breach was detected by the university's Enterprise Technology Services, who uncovered 'unusual activity' on the network and shut it down intentionally to investigate

Presently, the entirety of Howard's campus is shut down, with the exception of its two cafeterias.

Howard is the latest educational institution to be hit by ransomware since the coronavirus pandemic began - the FBI's Cyber Division recently warned that cybercriminals are now targeting schools as they shift en masse to remote learning.

'Since 2020, ransomware groups have been looking at colleges and universities as a way to get bigger payouts,' Allan Liska, a data analyst with Recorded Future, told The Daily Beast. 

'And, unfortunately, because of the nature of these networks, college and universities have a large and often poorly secured attack surface.' 

'Generally, when schools cancel classes, it means at least some critical systems were locked up by the ransomware actors,' said Liska. 'We’ll know more in the coming days, but that is usually the case.'

Currently, there are 6,526 undergraduate-level students at Howard University, and 10,002 students in total. Classes began on August 23.

Nnamezie Ononuju, a first-year medical student at Howard, told MSN that the shutdown forced him use the WiFi at a nearby Starbucks on Sunday to study, and that the medical school was left unable to upload lecture recordings on Friday.

'Over the course of the weekend, I saw many Howard students on their laptops at coffee shops and anywhere else they can obtain WiFi, even the Subway on Georgia Avenue,' he told the outlet.

 'Who decided to cyber attack Howard University and have all our classes canceled 2 days in a row??' wrote another student on Twitter. 

'All I know is, I better graduate on time.' 

'My daughter is a student at Howard University. I can confirm this is happening,' tweeted a parent. 'I wonder if the school is being targeted because of Vice President Kamala being a former student.' 

'Who decided to cyber attack Howard University and have all our classes canceled 2 days in a row??' wrote one student on Twitter. 'All I know is, I better graduate on time'

'My daughter is a student at Howard University. I can confirm this is happening,' tweeted a parent. 'I wonder if the school is being targeted because of Vice President Kamala being a former student.'

Currently, there are 6,526 undergraduate-level students at Howard University, and 10,002 students in total

University of California paid out $1.14 million to hackers from NetWalker last year after the hacking group gained access to a number of protected files within the school's School of Medicine servers. 

Also last year, the University of Utah forked over $457,000 to prevent hackers from releasing data stolen during an attack on its network. 

According to Brett Callow, a threat analyst with Emsisoft, Howard University is the 62nd educational sector impacted by ransomware this year. Half of the 2,100 schools that experienced ransomware attacks had data released online, he said.

A 2020 study by the company posits that learning was disrupted at 1,681 individual educational institutions. 

It is unclear what information has been obtained by the unidentified hacking group, or how much money is being ransomed. Classes began just three weeks ago on August 21

According to Brett Callow, a threat analyst with Emsisoft, Howard University is the 62nd educational sector impacted by ransomware this year. Half of the 2,100 schools that experienced ransomware attacks had data released online

Additionally, 560 healthcare facilities and 113 governmental agencies were threatened with data breaches using the technology. In August, an Indianapolis hospital was forced to turn away patients and ambulances in the wake of a cyberattack.

Ominously, Callow wrote that 'we'll likely see a significant increase in sector incidents in the coming weeks,'

'It should be remembered that there have been massive spikes in Q3 in previous years.'

'In each of the last 2 years, the of successful attacks on the education sector has spiked by as much as 1020% between Q2 and Q3,' he tweeted in August.  

'This is a highly dynamic situation, and it is our priority to protect all sensitive personal, research and clinical data,' the university said in its Monday press release.

'We are in contact with the FBI and the D.C. city government, and we are installing additional safety measures to further protect the University’s and your personal data from any criminal ciphering.'