Louisiana College Struck by Ransomware Attack
Louisiana has suffered another ransomware attack just weeks after threat actors used this pernicious strain of malware to disrupt state IT infrastructure.
Cyber-criminals struck at the beleaguered southern state for a second time on Wednesday, launching a ransomware against Baton Rouge Community College (BRCC). By luck, the incident occurred just two days ahead of students' greatly anticipated commencement ceremonies, when the college's 8500 students were not on campus.
Servers at the college were shut down and the Louisiana State Police Cyber Crime Unit were called in to investigate the incident.
In a memo released to campus personnel, interim chancellor Willie Smith wrote: “The Louisiana State Police Cyber Crime Unit investigators responded immediately and collected evidence from the BRCC network, and have recently confirmed a cyber-intrusion and ransomware situation.
"Presently, the situation is being contained and representatives from the Office of Technology Services are assisting BRCC with network restoration efforts."
Exactly how much money was demanded from the college in the ransomware attack has not been disclosed, however Smith wrote in his memo that the college had not paid it.
Smith said the college was "not aware of any data loss," that had occurred as a result of the attack, but several computers had been affected.
"The investigation remains ongoing at this time, and the IT Department will be sharing additional information regarding cybersecurity efforts and the restoration of individuals PCs," wrote Smith.
BRCC spokesperson Kizzy Payton said on Wednesday that college graduation ceremonies scheduled to begin at 10am today in the college gymnasium would go ahead as planned.
"Nothing is impacting our commencement," said Payton.
Baton Rough Community College students are still able to access email accounts via a workaround method. However, as a result of the incident, college staff are having to manually enter students' grade from the last semester.
Enrollments for next term, most of which have fortunately already been completed, are to be completed manually until the computer network is back online.
Quintin Taylor, chief public affairs officer for Louisiana's Community and Technical College (LCTC), which oversees BRCC, said that no personal information relating to students, staff or faculty could have been impacted by the attack, as such data is stored in a separate system operated by LCTCS.
Source: Information Security Magazine