On Wednesday, New Mexico Highlands University (NMHU) said it is canceling all classes through this weekend while it continues to address a ransomware attack which started impacting classes on April 3.
Initially, NMHU reported that its campus police switchboard and police poles were not functioning, but by April 5, it was confirmed to be a ransomware attack affecting campus phones, internet and VPN connectivity and employee payroll.
“Cybersecurity is not just a technological issue; it’s a matter of public safety and national security,” said Gov. Michelle Lujan Grisham last week after issuing an executive order mandating comprehensive action to enhance cybersecurity measures across state agencies.
New Mexico is also one of the few states to pass bills that provide funding for cybersecurity training and ransomware response tools.
Meanwhile, this week East Central University in Ada, Oklahoma has issued an advisory stating that it is investigating a ransomware attack that impacted a “variety” of campus computers allowing hackers to access a significant amount of student information including Social Security numbers.
In addition, on April 3rd the University of Alabama filed a notice of data breach after discovering unauthorized access to an employee’s email account that resulted in the threat actor being able to access consumers’ sensitive information, such as Social Security numbers.
Emsisoft threat analyst Brett Callow said his team had tracked 14 attacks on U.S. colleges and universities so far this year and tracked at least 72 U.S.-based post-secondary schools impacted by ransomware in 2023.
BullWall Executive, Carol Volk had this to say:
“Another university hit by a cyberattack. This time, New Mexico Highlands University (NMHU) has taken the hit, with the cyberattack beginning on April 3, leading to a complete shutdown of essential services including the campus police switchboard, internet, VPN connectivity, and even affecting employee payroll. This again highlights the continuing vulnerability of educational institutions to cyber threats, a narrative that is becoming far too common.
“The impact of such incidents stretches well beyond immediate operational disruptions, affecting the trust and sense of security among students, faculty, and staff. This threat is real and needs to rise to the top of the budget to address the need for robust cybersecurity measures within the educational sector.
“This isn’t an isolated incident. As Emsisoft threat analyst Brett Callow pointed out, this year alone, 14 attacks on U.S. colleges and universities have been tracked, following at least 72 similar incidents in 2023. This has become a systemic issue that requires immediate attention and action.
“It is crucial for educational institutions to implement comprehensive cybersecurity frameworks and establish robust incident response strategies. Investment in advanced security tools and technologies, alongside regular audits, and updates to security policies, can significantly reduce vulnerabilities. The recent moves by New Mexico to fund cybersecurity training and ransomware response tools are steps in the right direction, but as these incidents show, there is a pressing need for widespread and proactive measures across the board.”
Education along with healthcare are extremely vulnerable to getting pwned. They more often than not don’t have the resources to properly defend themselves against cyberattacks. That seriously needs to change as at present, they’re easy targets for threat actors.
Related
This entry was posted on April 12, 2024 at 8:51 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Three Educational Institutions Pwned In Cyberattacks
On Wednesday, New Mexico Highlands University (NMHU) said it is canceling all classes through this weekend while it continues to address a ransomware attack which started impacting classes on April 3.
Initially, NMHU reported that its campus police switchboard and police poles were not functioning, but by April 5, it was confirmed to be a ransomware attack affecting campus phones, internet and VPN connectivity and employee payroll.
“Cybersecurity is not just a technological issue; it’s a matter of public safety and national security,” said Gov. Michelle Lujan Grisham last week after issuing an executive order mandating comprehensive action to enhance cybersecurity measures across state agencies.
New Mexico is also one of the few states to pass bills that provide funding for cybersecurity training and ransomware response tools.
Meanwhile, this week East Central University in Ada, Oklahoma has issued an advisory stating that it is investigating a ransomware attack that impacted a “variety” of campus computers allowing hackers to access a significant amount of student information including Social Security numbers.
In addition, on April 3rd the University of Alabama filed a notice of data breach after discovering unauthorized access to an employee’s email account that resulted in the threat actor being able to access consumers’ sensitive information, such as Social Security numbers.
Emsisoft threat analyst Brett Callow said his team had tracked 14 attacks on U.S. colleges and universities so far this year and tracked at least 72 U.S.-based post-secondary schools impacted by ransomware in 2023.
BullWall Executive, Carol Volk had this to say:
“Another university hit by a cyberattack. This time, New Mexico Highlands University (NMHU) has taken the hit, with the cyberattack beginning on April 3, leading to a complete shutdown of essential services including the campus police switchboard, internet, VPN connectivity, and even affecting employee payroll. This again highlights the continuing vulnerability of educational institutions to cyber threats, a narrative that is becoming far too common.
“The impact of such incidents stretches well beyond immediate operational disruptions, affecting the trust and sense of security among students, faculty, and staff. This threat is real and needs to rise to the top of the budget to address the need for robust cybersecurity measures within the educational sector.
“This isn’t an isolated incident. As Emsisoft threat analyst Brett Callow pointed out, this year alone, 14 attacks on U.S. colleges and universities have been tracked, following at least 72 similar incidents in 2023. This has become a systemic issue that requires immediate attention and action.
“It is crucial for educational institutions to implement comprehensive cybersecurity frameworks and establish robust incident response strategies. Investment in advanced security tools and technologies, alongside regular audits, and updates to security policies, can significantly reduce vulnerabilities. The recent moves by New Mexico to fund cybersecurity training and ransomware response tools are steps in the right direction, but as these incidents show, there is a pressing need for widespread and proactive measures across the board.”
Education along with healthcare are extremely vulnerable to getting pwned. They more often than not don’t have the resources to properly defend themselves against cyberattacks. That seriously needs to change as at present, they’re easy targets for threat actors.
Share this:
Like this:
Related
This entry was posted on April 12, 2024 at 8:51 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.