The following Campus Echo staff contributed to this story: Allexus Killian, Kaitlyn Kornegay, Mesa Jones, and Chris Frazier.
______________________________________________________
A cyberintrusion over the weekend has devastated N. C. Central University’s digital infrastructure.
“Someone left the gate open for the cows to roam,” said Rachelle Gold, a professor in the Department of Languages and Literature.
She hasn’t been able to send emails through Canvas to her students and it’s affecting how she grades final papers. Gold also says that her class sessions will remain, but may have to modify her final exam. She is in the same boat as all NCCU faculty.
Some faculty say things are especially grim for students whose work requires access to subscription-based software, like the Adobe Creative Cloud, whose work, often their final projects, is stored on NCCU servers. For them, everthing’s come to a grinding halt. Additionally, all online courses have been suspended.
“Today I have class at 11:35 but my professor’s not here and I’ve tried messaging her. We have no idea if we have class or not,” said Imara Harrell, an mass communication senior . “I have no service on campus so sometimes messages will just randomly come through.”
Ever since Sunday, Harrell has been in the same boat as all NCCU students. She wonders if there’s a ransom being demanded for the university to return to normal.
According to a variety of sources, a ransomware program called BlackCat may be the likely culprit of the NCCU intrusion. BlackCat has been the source of hundreds of university attacks worldwide.
N.C. Agricultural and Technical State University was cyberattacked by BlackCat ransomware in March 2022 over spring break. The hackers claimed, on A&T’s website, that they had personal information including social security numbers, contracts, financial information, email databases, and more. This claim was soon dismissed by officials at N.C. A&T.
According to Cybersecurity360, when BlackCat ransomware attacked the University of Pisa in Italy they demanded $4.5 million. The ransom group said that this was a “discount price” and that demands would soon increase to $5 million.
According to banksofsecurity.com, when BlackCat attacked the Ecole des Ingénieurs de la Ville de Paris in France, more than 30 gigabytes of personally identifiable and financial information was taken.
According to Check Point Software, educational institutions experienced the highest number of cyberattacks in the first quarter of 2023, rising to an average of 2,507 attempts per college or university per week. That’s a 15 percent increase compared to the first quarter of 2022.
Other universities cyberattacked in the second quarter of 2023 include Bluefield University, Chattanooga State University, Mercer University and Stephen F. Austin State in Texas.
According to Stephen W. Fusi, NCCU’s Chief Brand Officer, the University was alerted to the intrusion on Sunday. Now several organizations, including the FBI, the Secret Service, and N.C. Department of Information Technology, are investigating. Fusi described the overall response as “pretty broad.”
“Groups around campus have been working in their respective areas to work around the limited access we have with some systems,” Fusi said. “Everyone is pulling together to make sure that students are safe and can receive instructions in class, and that operations continue as best as possible.”
Fusi was unable to confirm or deny if a ransom has been demanded or which organization or ransomware was behind the NCCU ransomware attack.
NCCU’s Chief Information Officer, Joel Faison, was hired in August of this year. Faison is an NCCU alumnus who has worked as a director of infrastructure and information security for 11 years. Prior to taking the position at NCCU, he was the CIO at Shaw for a year. Faison replaced Leah Kraus who held the position since 2014.
A number or sources maintain that universities typically face IT staffing challenges and have the slowest recovery rate out of all sectors, including government and corporate. Forty percent of universities took over one full month to recover from a ransomware attack, but 9 percent of higher education institutions reported a recovery time of at least three months.
As reported by CBS news on May 10, 2022, for Lincoln College, a ransomware attack, combined with COVID, was the straw that broke the camel’s back.
According to David Gerlach the HBCU’s president, their ransomware attack, which originated in Iran, blocked the university from accessing student recruitment and retention data, as well as fundraising information. Lincoln paid about $100,000 to recover data. And a GoFundMe campaign was set up with a goal of raising $20 million. But it was all in vain. Not enough was raised to keep Lincoln open.
The HBCU which had survived two world wars, the 1918 Spanish Flu Epidemic, and the Great Depression shuttered its doors on May 6.