Ransomware the final nail in coffin for small university

Lincoln College shuttering after 157 years, ransomware attack from Iran final straw


A December attack against a long-standing US college has pushed the institution to permanently close. 

After 157 years, Lincoln College, the rural Illinois university with an average of 1,100 students, is shutting its doors following years of rapid decline triggered by COVID-19 and compounded by the ransomware attack.

The ransomware assault that hit in December 2021 originated in Iran, college president David Gerlach told the Chicago Tribune. According to Lincoln's closure letter, the attack hindered access to all institutional data, interrupted admissions and took retention, fundraising and recruitment systems offline.

The College said that no personal identifying information was exposed.

Gerlach told the Tribune that it cost Lincoln an unspecified amount less than $100,000 to restore the systems. "Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester," the College said.

Attempts to raise funds, sell assets, consolidate jobs and other money-making schemes failed to materialize the $50 million Gerlach said the university would have needed to keep going.

Now, after surviving "the economic crisis of 1887, a major campus fire in 1912, the Spanish flu of 1918, the Great Depression, World War II, the 2008 global financial crisis, and more," it's lights out, lost jobs and students left to hunt for new schools.

Lincoln's shutdown: Avoidable?

Lincoln College has been light with specifics about the attack, which raises a big question: Was the university doing all it could to secure its systems and users? 

"The economic burdens initiated by the pandemic required large investments in technology and campus safety measures, as well as a significant drop in enrollment with students choosing to postpone college or take a leave of absence," the university stated in the letter. 

Indiana University's Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) is a higher education threat intelligence group. It pools threat data, provides intelligence feeds and actionable alerts, penetration testing and more. Lincoln College was not among the 708 institutions from around the world who are part of the group, REN-ISAC director Kim Milford told NBC News. 

Performing regular backups is among the most common advice for businesses, and with good reason: Ransomware isn't an ingress strategy, meaning there are countless ways for an infection to get into a system.

Trying to plug each one can quickly become an exercise in futility, especially without the threat intelligence necessary to know which to prioritize. ®

Broader topics

Narrower topics


Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022