Date: 2020-10-08

NORMAL — Heartland Community College officials said Wednesday they are “making steady progress” in restoring their online operations, which have been shut down since a cyberattack was detected Monday.
Ironically, the attack came during National Cybersecurity Awareness Month.
It also came as a growing number of colleges and universities are becoming victims of cyberattacks at the same time they are increasingly reliant on remote learning because of the COVID-19 pandemic. About 80% of Heartland students are taking classes online this semester.
“Our priority is to restore service to our students and faculty so they can get their work done,” said Scott Bross, Heartland’s chief information officer.
Heartland first noticed problems around 7 a.m. Monday and later determined it was tied to malicious activity, he said.
Outside consultants are working with Heartland to resolve its problems.
Protecting yourself
Officials at Heartland and Illinois State University said it is important for computer users to recognize potential threats to computer security.
“It’s pretty common to spend a lot of money on technology and still be at risk,” said Dan Taube, interim chief security information officer at Illinois State University. “The most effective control is educating the users.”
That includes learning how to detect an email that’s suspicious and how to know a file might not be safe to open, he said.
“We see phishing attacks regularly,” said Taube.
In email phishing, the sender often uses a false identity and attempts to get the recipient to click on a link that can activate “malware” — malicious software — that damages or gives hackers access to data.
Because email attacks tend to be the first stage, Taube recommended always checking the email address of the sender, not just the name, and always checking links. On a computer, you can hover over a link or sender name to get the full address, he said. On a mobile device, touch and hold, he said.
Bross said that nationwide, activities of all types, whether malicious phishing emails or other attempts to compromise systems, “have been on the rise in this COVID situation.”
“We’re all spread out and working in different places. … We’re doing things in new ways and we may not be aware of the risks,” said Bross. “We’re all more susceptible.”
Charles Edamala, ISU’s chief information officer, said, “Information Security is complex and dependent on systems that have to be constantly monitored, processes that have to be regularly assessed, and on people who have to be educated on an ongoing basis to be alert.”
He added, “It is the equivalent of making sure all the windows and doors in a house are secured every night; except that we become aware of new windows in the basement on an ongoing basis.”
Email phishing is not the only way a system can be compromised.
“It can even be as easy as someone finding a thumb drive and plugging it into a work computer,” said Edamala. “An institution can be up on their security measures but it all falls apart if someone gives the keys to the house away.”
Ransomware attacks
Other types of attacks are known as ransomware, in which hackers encrypt some data or lock up a personal device until a ransom is paid.
“My biggest fear is certainly ransomware,” Taube said, because of how damaging it can be to an institution and how wide ranging the impact can be.
“In the past two years, there’s been a spike in organizations being targeted,” he said.
In August, the University of Utah paid more than $450,000 in a ransomware attack on one of its computer servers. Two months earlier, the University of California-San Francisco paid $1.1 million in a cyberattack on its School of Medicine.
And it’s not just educational institutions that have been attacked.
Hackers took over Champaign-Urbana Public Health District’s website in a ransomware attack in March, just as access to public health information became critical in the early days of the pandemic.
The Wall Street Journal reported in September that medical institutions across the world have faced an onslaught of hacking attempts this year. In Germany, a woman died last month after she was turned away from a hospital that had been struck by ransomware and forced to send patients to other facilities, delaying their care.
There have been no reports of ransomware attacks in The Pantagraph area. But in 2016, an information breach at ISU resulted in direct-deposit payments of 13 faculty and staff members being diverted to another account. At least five universities nationwide were hit with similar crimes, according to information at the time.
Taube said the origin was people clicking on links in phishing emails.
As a result of the 2016 incident, the university added steps to the process for changing certain sensitive information, he explained.
“It’s definitely inconvenient for the user but it’s that kind of control that has to be in there,” said Taube.
Bross agreed.
“Security and convenience are opposites,” he said. “Every organization has to choose where you’re at on that spectrum.”
