Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Education Security Technology

Illinois College, Hit By Ransomware Attack, To Shut Down (nbcnews.com) 58

Posted by msmash from the breaking-news dept.
Lincoln College is scheduled to close its doors Friday, becoming the first U.S. institution of higher learning to shut down in part due to a ransomware attack. From a report: A goodbye note posted to the school's website said that it survived both World Wars, the Spanish flu and the Great Depression, but was unable to handle the combination of the Covid pandemic and a severe ransomware attack in December that took months to remedy. "Lincoln College was a victim of a cyberattack in December 2021 that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections," the school wrote in its announcement. "All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester." The Illinois school, which is named after President Abraham Lincoln and broke ground on his birthday in 1865, is one of only a handful of rural American colleges that qualify as predominantly Black institutions by the Department of Education.
This discussion has been archived. No new comments can be posted.

Illinois College, Hit By Ransomware Attack, To Shut Down More

Illinois College, Hit By Ransomware Attack, To Shut Down

Comments Filter:

  • Sure (Score:1, Troll)

    by davebarnes ( 158106 )

    This reminds me when my local butcher shop in Denver closed after 47 years in business and blamed it on 9/11.

    • Re: (Score:2, Interesting)

      by Anonymous Coward
      Was it an halal butcher shop?

      If so I can see how, if Muslims were laying low and didn't want to be seen going in there.

    • Re:Sure (Score:5, Insightful)

      by caseih ( 160668 ) on Monday May 09, 2022 @02:43PM (#62517322)

      Except that it's entirely probable that they might have survived the pandemic (just barely), but that the ransomware attack was just too much. Makes me angry how there are some people that just want to destroy. Such a waste.

      • Re:Sure (Score:5, Insightful)

        by bill_mcgonigle ( 4333 ) * on Monday May 09, 2022 @02:54PM (#62517344) Homepage Journal

        I agree that there's not much they could have done about the lockdowns, but there could be lessons here for:

        * an over-aggressive covid policy
        * backups
        * testing backups
        * not denying the IT people the budget for backups
        * not denying the IT people the budget for security
        * running Windows everywhere
        * running Windows without continuous backups
        * a DR plan that provides for continuity without IT systems (this was big when I was in healthcare disaster planning, for obvious reasons)
        * not having the requisite insurance to cover an attack
        * not being subject to insurance oversight to help prevent an attack

        Yeah, the ransomware gang lit the match, but usually these are piles of tinder waiting to go up.

        Is it victim-blaming? Yeah, and sometimes that's appropriate. The ability to recover from a ransomware attack is a known practice.

        This will make a fine case study to help prevent another similar incident from happening again. I feel really bad for all the students, faculty, staff, and alumni who will be quite harmed by the poor decisions of just a few bad actors.

        • Re:Sure (Score:4, Informative)

          by aaarrrgggh ( 9205 ) on Monday May 09, 2022 @03:32PM (#62517450)

          If you are properly prepared it might only cost $100k to recover, but an average I heard for a company with 200-500 employees thrown about was $350k for the IT portion and about the same for the legal and administrative portion of recovery. The time component is also a huge issue-- recovery takes time out of other priorities.

        • Re:Sure (Score:5, Informative)

          by WingManMan ( 9770530 ) on Monday May 09, 2022 @04:16PM (#62517604)
          That all reads well for a sophisticated and well-funded enterprise, but this is an HBCU (already chronically underfunded) in a rural area (further underfunded and with limited local IT talent) with just 800 total students (not large) and an average tuition of $19.2K before financial aid (about half the national average).

          This is getting to a point where there needs to be some sort of federal, coordinated effort to harden infrastructure across the board; otherwise small players will continue to get destroyed because they don't have a $2 million IT budget.

          In this case, it's an extremely marginalized community resource that was already under duress that has been lost, and cannot be easily replaced.

          • This... completely. I actually did some consulting work for them a few years back (around 5 years ago) and even then we called out backup and DR as a risk. They knew it was a risk but all they could do was take recommendations to the board.

            Sad... and unfortunately in the end inevitable.

      • It's probable that a ransomware attack is an excuse to close the doors of a failing institution.

        • I used to own a business....and your post is the real story.

          I owned a print shop. I could get an idea of how a business was doing, based on what they ordered from me (and how they paid). I knew when someone was in trouble.

          The reasons they would give for going out of business were always just the immediate issues. The real reasons were always evident much earlier.

          Pro-tip- if business every says, "our credit card system is down right now" that 99% of the time means they are having problems with the bank,

      • Re: (Score:2)

        by lsllll ( 830002 )
        Make me more angry that it took them 3 months to get everything back up. Did they not have a disaster recovery plan? The least thing they should have had was good backups. Seems like they didn't invest enough in IT or hired losers, in which case going under was overdue.
        • Even in the best run companies, IT is considered a necessary evil, and is often overlooked. Do you really think an institution with their background has the staff, or equipment to manage proper IT functions? I'd even guess their computer systems were hand-me-downs from elsewhere. It's rather like critical mass in that a lack of management IT expertise leads to shortages in technical competence and resources. At some point, boom!
      • The issue is that these companies and institutions continue to ignore and fail to spend what amounts to small money for backup services. There is literally no reason for it. It is the "It won't happen to us" thinking and then it does! NAS hardware is cheap. Backup to external services is cheap. Bandwidth is cheap. 100s of employees out of a job is devastatingly expensive! This didn't have to happen and had they backed up they might have lost a day or at most a weeks worth of information depending on

        • Re: (Score:2)

          by shmlco ( 594907 )

          Cheap is relative, I guess. Backblaze, for example, wants $14,000/yr to keep a couple of hundred computers backed up. That doesn't factor in server backups, IT support, or additional security systems and software designed to prevent an issue. Nor does it factor in the costs of actually recovering from a breach and re-securing and re-downloading all of those systems.

          I mean, I get what you're saying when compared to the total net worth of the business, but I can also see where a marginal business might flinch

          • Here is the rub to your answer. Most all of the critical information would/ should reside on only a few servers now days. Most are now using a SAN or NAS for their storage and backup so you simply have to do the snapshot on those few. The user machines in most such environments are a basic image that can be reloaded by booting a thumb drive and then pulling from an image on the NAS. You only really need to snap up the user files, These being on a NAS or on a server attached to the NAS or SAN. And about

    • Re:Sure (Score:4, Interesting)

      by Antique Geekmeister ( 740220 ) on Monday May 09, 2022 @03:31PM (#62517446)

      Shipping meat became expensive, and slow, after 9/11. For a butcher shop reliant on prompt deliveries, as well as for fish restaurants around the globe, 9/11 was devastating.

      • 9/11 made exactly zero difference to the fish restaurants where I live, because how could it?

        • It raised shipping prices considerably, and shipping delays as airports increased cargo inspections and revised their security. Similar price increases occurred durig he air traffic controller's strike in the 1980's. If you live near a seaport, it may have helped lower local prices temporarily.

          • That must be an American thing, because it didn't happen here. Or in any of the other countries I was dealing with at the time which was most of Asia, and a couple of European countries.

    • Considering the amount she has donated to these types of organizations, it seems odd that this one got skipped, if all it needed
      was a "transformational donation or partnership". I find it hard to believe that they didn't solicit her. If they didn't, they're idiots. If they
      did...she may have seen it as a poor choice to "invest" in.

      There's probably more to it's failure...possibly that it's a "rural American college" that wasn't in the best competitive position.

      Look at it on a map...it's in a small town in

    • This reminds me when my local butcher shop in Denver closed after 47 years in business and blamed it on 9/11.

      Lincoln College is an institution, something that has been in existence since the time of Abraham Lincoln. That makes it different from your friendly neighborhood butcher, who could close for any reason, a chain supermarket opening across the street, the grand kids not being interested in continuing the business, or the owner simply getting bored.

      The college I presume still has buildings, which would be unaffected by the pandemic or ransomware attack. Surely that should count for something, say, as collate

  • I don't buy this (Score:3, Interesting)

    by Anonymous Coward on Monday May 09, 2022 @02:38PM (#62517304)

    Fortunately, no personal identifying information was exposed.

    I have read this from many organizations that have been hit by ransomware and I have a hard time believing they can back it up.

    I know first hand from a company I worked for that they carefully worded all of their statements such that in a legal sense they were saying they hadn't found any evidence that personal info had been taken, not that they ere sure it hadn't. If some group has enough access to your network to fully inventory it, long enough to backdoor pretty much all of your critical servers, how can you possibly know what they did or didn't move off your network? Just because they haven't published it doesn't mean they didn't take it.

    • I can see a scenario where an enterprise detects that a ransomware attack is in progress, and literally pulls the plug immediately. If they don't see a spike in outgoing traffic, odds are the attackers were probably not able to pull a signifgant amount of data off of their servers. From what I understand, ransomware attacks generally encrypt everything and ransom the decryption key, so stealth is of upmost importance. If a network op notices a ton of data going to some random IP it's going to raise suspicio

      • Haven't some of the recent ransomware also threaten to release company info if a ransom isn't paid?

        That implies they also copy data, before they encrypt everything. The groups threaten to leak sensitive info if ransom isn't paid. Sort of putting pressure on the victims to pay.

  • Anyone know more info on the attack used? I know it was "ransomeware" but how was it propagated on all their machines without someone noticing before it was too late?

    • Maybe disguised as a coupon.

    • It's not a big school...so not a lot of machines to propagate to. It's only 800 students, so the administration is probably just (I dunno) a few dozen people? So, probably fewer administrative computers than you'd think...

      But really, it likely hit their accounting system, which could just be a handful, or (eek) even one machine...and they probably no longer have any concept of which students owe them, and how much. With the levels of individual financial aid involved, I'm sure the accounting is messy.

      If

  • The IT department there, did not have firewalls setup or backups in place? A college is supposed to have smart people there. It is a shame for what this means to students who were close to graduation.
    • Colleges have some of the worst run IT infrastructure in the country. It is getting much, much better. There was a time when they would basically let anyone do anything as long as it was in the name of education. It's how thinks like Yahoo! and Facebook were born. I went to a major university, and they didn't even have a spam filter at the time. Received 10-20 phishing attempts a day. Started forwarding all of them to the IT department. Only then did they realize how bad it was, and implemented some basic f

  • If they're anything like almost every other college and university in the US they can just fire a couple of the useless corrupt do-nothing "administrators" pulling in enormous salaries and they'll have a large budget surplus in no time.

  • Where are the full system backups? Every computer should have an image that can be restored, and all data should have a daily, if not hourly backup. All that should have been required was a full network reset, from the backups. A full systems image campus wide, and an upgrade to all networking equipment to make sure it doesn't happen again.

    My guess is that there were no backups, or at least no useful backups, and that nothing was secured or protected.

    • Well, duh. It's a small, poor, rural college. Resources for that kind of thing are limited. And some greedy asshole targetted them.

      • What would really be required to make it work? 100 TB of space? Maybe 1 PB of space? I'm sure they could have made it work if they wanted to, storage is cheap, tools are free, and there's really no good excuse otherwise.

  • So, (Score:1)

    by Tablizer ( 95088 )

    my Lincoln College Cyber Security degree must now be worth squat.

  • Illinois College (Score:3, Interesting)

    by gillbates ( 106458 ) on Monday May 09, 2022 @11:02PM (#62518440) Homepage Journal
    Illinois College is in Jacksonville; Lincoln College is in Lincoln Illinois. Yes, it's a very small college, but everywhere you go in that town, people are proud of the fact that their town was named by President that ended slavery in the United States. Who, as it turns out, was a Republican. There are quite a few people in Illinois who look down on Lincoln because it serves as a constant reminder of the mistreatment minorities suffered at the hands of Democrats, and the degree to which - even in the "Land of Lincoln" - inequality persists to this day. If Lincoln College was not in Lincoln, if it had been named something different, or if it hadn't been predominantly black, they could have called on the governor for a favor. (Yes, Illinois is that corrupt). But they happen to be a long standing embarrassment to Democrats in the state, so the closure will most certainly be celebrated in Springfield.
    • Comment removed based on user account deletion

      • Re:Illinois College (Score:4)

        by gillbates ( 106458 ) on Tuesday May 10, 2022 @08:44AM (#62519054) Homepage Journal

        Well, let's see here.

        Andrew Jackson, a Democrat, not only massacred Native Americans, but was responsible for the Trail of Tears, in defiance of the Supreme Court.

        And we all know how the Southern Democrats started a war with the rest of the country to continue slavery.

        And even a hundred years later, it was Republicans who passed the Civil Rights Act. And George Wallace, a Democrat, who said, "Segregation yesterday, segregation today, segregation tomorrow." And in spite of this, he not only remained a Democrat in good standing, but active in politics well into the 1980s.

        And Hillary Clinton eulogized Robert Byrd, a grand dragon of the KKK, in 2007.

        And during his term, President Trump, a Republican, overturned the laws which created drug sentencing disparities between whites and blacks.

        And our current President was sued, and lost, because he issued Covid relief payments on the basis of race. And he openly stated that he would chose the next Supreme Court justice based not on her qualifications, but on her race.

        It's not like the Republicans are angels - this is politics, after all. But while the Democrat social policy objectives sounded good, I never could stomach the fact that the cost of progressive social policy was electing people who were openly racist, and used social policy as a tool to oppress blacks and minorities. I get it - some of you will invariably ask, "But how does that affect me?" I don't have an easy answer for you, because you'll never have to navigate the morass of government bureaucracy, but I can tell you that if you're voting for Democrats, you're part of the legacy of slavery and racism in this country. Maybe you believe in progressive ideals, but if so, perhaps you ought to consider forming your own party which doesn't come with the baggage of the Democratic party.

        When we talk of "the legacy of slavery and jim crow..." we're talking about the history of the Democratic party in America. And unfortunately, Illinois is still run by the Democratic party. Maybe you didn't know this, but both Chicago and Illinois have race-based preferential treatment systems in place. I could wax on about how preferential treatment based on race is used by government to ensure resentment between peoples of different races.

    • What does this have to do with a ransomware attack?
  • I'm a little displeased to hear this. Because I studied there. Taught, read, and wrote about animal testing using https://gradesfixer.com/free-essay-examples/animal-testing/ [gradesfixer.com] for this. Where I expressed my opinion about this. And now I learn such news and it becomes sad in my soul. It was a wonderful college with good teachers who taught me a lot.

Slashdot Top Deals

No man is an island if he's on at least one mailing list.

Close