Monroe College's IT system was hacked last week, disabling many of its technology systems and platforms as hackers demanded $2 million ransom in Bitcoin to restore access. Faculty, students and staff members were locked out of the college's websites but continued to attend class and hand in homework, regardless.
The college's main website was reinstated over the weekend following the July 11 cyberattack as the college's team worked "feverishly to bring everything back online." Despite the attack, the college continued to operate in "the way colleges did before email and the internet, which results in more personal interactions." Monroe College does not know who orchestrated the attack but is working with local law enforcement officials and the Federal Bureau of Investigation. There has been no comment on whether or not the college plans to pay the $2 million ransom.
Experts claim that similar attacks have been "linked to a small number of sophisticated criminal groups" that gauge the organization's ability to pay the ransom." Other institutions such as Grinnell, Oberlin and Hamilton Colleges were victims of ransomware which attacked their admissions systems, but the ransom dropped from a few thousand dollars to $60, according to Inside Higher Ed. In many scenarios, the cyberattacks start off with a phishing email - a fraudulent and harmful email under the guise of a trusted one. If a student unintentionally clicks or opens a phony email or inserts their personal information, hackers are able to install malicious malware software (aka ransomware) which encrypts and blocks access to users' computer files. Then, the hackers demand money for the encryption key which forces the institution to either repay or rebuild their systems if they are no backups of the system. In the instance of Baltimore, the city government refused to pay hackers and instead, rebuilt its systems which cost over $18 million - rather than paying the demanded $76,000 ransom. Within the last year, a reported 56% of organizations in the education sector saw an uptick in phishing schemes, according to Mimecast's State of Email Security.