360 SOC – Award Winning Managed Security Service Provider

Recent From Blog

We have built a reputation for becoming the #1 choice for businesses and organizations looking for managed security services, security auditing, security assessing, security consulting, security design, vendor sourcing, implementation, and remediation services.

Lincoln College to Close, Hurt by Pandemic and Ransomware Attack

By Christine Chung

Published May 9, 2022U
pdated May 10, 2022, 2:33 p.m. ET

Lincoln College, a predominantly Black college in Illinois, will close this week after 157 years, saying it could not survive the financial challenges of the coronavirus pandemic and a ransomware attack last year.

“The loss of history, careers, and a community of students and alumni is immense,” David Gerlach, the college’s president, said in a statement.

Reached by email on Monday, Mr. Gerlach declined to comment further.

Founded in 1865 and named for Abraham Lincoln, the college had survived the 1918 influenza pandemic, multiple recessions and two world wars.

But the pandemic led to a drop in enrollment and forced the college to make costly investments in new technology, according to the statement. Then, in December 2021, a ransomware attack walled off the school’s access to its data and halted its recruitment, retention and fund-raising campaigns.

Lincoln College, in Lincoln, Ill., has not said how much it eventually paid to regain access to its data, though Mr. Gerlach told The Chicago Tribune that it paid a ransom of less than $100,000. The ransomware attack originated in Iran, he told The Tribune.

When the college’s access to its data was restored in March, projections showed “significant enrollment shortfalls” that would require a “transformational donation or partnership to sustain Lincoln College beyond the current semester,” the school’s statement said. Mr. Gerlach told The Tribune last month that Lincoln needed $50 million to stay open. The money did not materialize.

“I believe, if we had more time, that we would have been able to have found someone but, this is all out of our control,” Annette Roter, an associate professor, said in a Facebook post consoling the thousands of students, faculty and alumni who worked to keep the school open.

In recent years, cybercriminals have targeted schools, colleges and universities that are often unprepared to ward off ransomware attacks, in which victims’ digital data is encrypted until the victim pays.

Brett Callow, a threat analyst at Emsisoft, a New Zealand-based cybersecurity firm, said ransomware attackers simply go wherever they can to make money.
Editors’ Picks

“If they do find a particular sector to be particularly profitable, they will hit this over and over and over again,” Mr. Callow said. Schools should take precautions, such as implementing multifactor authentication and promptly installing security updates, he said.
Last year, 1,043 schools in the United States were the victims of ransomware attacks, according to an analysis by Emsisoft. Of those, 26 were colleges or universities.
Henry Stoever, president and chief executive of the Association of Governing Boards of Universities and Colleges, said that technology “touches almost every part of the academic enterprise,” including financial and health information for students and faculty, and data on donors. Losing that data can be devastating, he added.

Austin Berglas, the global head of professional services at BlueVoyant, a New York City-based cyberdefense company, said that the average cost of a ransom attack aimed at a college or university is roughly $115,000, a low number compared to other sectors. Colonial Pipeline, the operator of a critical fuel pipeline on the East Coast, paid $5 million to recover data that was stolen in a ransomware attack last year.

The decision to pay depends on factors including whether the targeted institution caught and halted the breach in time, Mr. Berglas said.

A November 2020 attack on the Baltimore County Public Schools in Maryland forced the system to close for three days and erased data including grades and lesson plans. The cost of repairing the damage from the attack was nearing $10 million in November, according to the NPR affiliate WYPR. The district has not said what the demands were or whether the ransom had been paid.

Some victims, like the Broward County Public School District in Florida, the nation’s sixth largest, have publicly refused to pay. In March 2021, hackers demanded $40 million to keep them from releasing sensitive data, including financial contracts and Social Security numbers. A month later, cybercriminals posted about 26,000 files online, according to The South Florida Sun Sentinel.

After it chose to pay the ransom, Lincoln College and its students mounted a last-ditch social media and fund-raising campaign, including a GoFundMe page, to try to save the school.

But with the announcement that the school would close for good on Friday, Lincoln students, faculty members and graduates were struggling to come to terms with the loss.
Arielle Williams, 26, who graduated in 2017 with an associate degree in communications, said in a direct message on Instagram that the closure was devastating.

“My college memories are so close to my heart,” she said, adding that she had met many of her closest friends at Lincoln. “It’s bittersweet,” she added, that she would not be able “to go back and show my kids when I have them.”

https://www.nytimes.com/2022/05/09/us/lincoln-college-illinois-closure.html

Related Posts