Authored by Amer Owaida, Security Writer at ESET
Howard University, a private research university based out of Washington D.C. admitted that it suffered a cyberattack on Friday. The university alerted both the Federal Bureau of Investigation and the D.C. city government about the incident and added additional safety precautions to protect both staff’s and students’ data.
“On September 3, 2021, the Howard University information technology team detected unusual activity on the University’s network. In accordance with our cyber response protocol, and to mitigate potential criminal activity, Enterprise Technology Services (ETS) intentionally shut down the University’s network to investigate the situation,” said the University in a press release detailing the incident.
Although the investigation is still ongoing, Howard disclosed that it has suffered a ransomware attack. While the university in cooperation with ETS partners is working on resolving the incident and restoring operations, it warned that restoring operations after such an incident is no easy feat and it might take a while.
The university is working with external forensic experts and law enforcement to investigate the cyberattack and its full impact. For the time being it appears that there is no evidence of any personal information being accessed or siphoned from its systems. On the other hand, the investigation hasn’t been wrapped up yet and Howard is still trying to glean what led to the situation and what kind of data may have been accessed.
In the aftermath of the incident, Howard University set up a backup Wi-Fi system on its premises and suspended its online and hybrid undergraduate courses while also extending deadlines for adding and dropping courses. While in-person courses would resume as scheduled the parts that would necessitate internet access may not be available.
“Also, You will receive additional communications from ETS over the course of the next few days, especially surrounding phishing attempts and how to protect your data online beyond the Howard University community,” the university went on to add.
Indeed, students and staff would do well to protect themselves against possible phishing attacks. A good rule of thumb is to always scrutinize any unsolicited emails, especially if they contain suspicious links. Using two-factor authentication where possible to secure accounts is always a good idea and you can never go wrong with by using a password manager to bolster your password security.