Rebuilding after ransomware: Heartland Community College invests $1 million

Following a ransomware attack last October that disrupted the Heartland Community College of Illinois, leaders this month approved a budget to rebuild defenses, but also to position systems to quickly adapt to future ones Adjust threats.

“We looked at our back-end data management,” said Steve Fast, public information director at Central Illinois College. “When we had to take everything off and fall back on backups, the thought was, do you want to go back to the way it was before, or do you want to speed up some of these projects?”

The ransomware attack on Heartland, as well as a general surge in cyber attacks on universities, sparked $ 1 million investments in cybersecurity this year. Fast said that community college cybersecurity improvements were already outlined in its 10-year plan, and the money to fund this year’s changes came from years of budget planning.

“The risk is not going to decrease – it will be increasing,” Fast told EdScoop. “We had to speed up some of the plans we had as a result of the interruption to upgrade or replace some of our systems as we changed our approach and we were back online after the interruption. But that was all connected to what we had planned for the long term. As the methods and systems evolve themselves, we need to implement solutions that allow us not only to build what we’ve already done, but also to make adjustments as conditions change. “

The college’s systems were back up and running a week after the attack, but Scott Bross, the college’s chief information officer, reportedly told trustees this month that some systems are still being restored. It came after the university said it contacted more than 1,600 people to inform them that their data had been compromised by the attack.

Planned improvements include multi-factor authentication, secure messaging, virtual desktop infrastructure, and increased monitoring of phishing attempts.

“We have regular cybersecurity training courses every year. But sometimes these things can be quite demanding, so we added another email filtering platform to help with that, ”he said.

It almost refused to comment on what measures have already been taken and which still need to be implemented, which it believes is “best security practice”.

Cyber ​​attacks are increasing in the higher education sector. Sierra College in California experienced a system failure due to ransomware activity last month. Des Moines Area Community College, Iowa, was unable to hold classes for more than a week due to an attack that was finally identified as ransomware in June. And the University of Massachusetts Lowell canceled classes this month over a possible cyberattack.

According to a recent report from cybersecurity firm SonicWall, COVID malware attacks for the education industry spiked in early fall after students returned to school. In terms of malware attempts per customer, education was the hardest hit industry from August 2020 through the end of the year, according to SonicWall. The company’s researchers also found encrypted attacks – attacks sent over the HTTPS protocol – up 4% across industries, while education rose 292% year-over-year, second only to health, where encrypted attacks increased by 351%.