Lincoln College became the first U.S higher education institution to close in part due to a cyber attack on May 13, 2022.
The historically black college in Illinois announced the closure after 157 years, citing the irreversible financial impact of a 2021 ransomware attack and the COVID-19 pandemic.
“Lincoln College has notified the Illinois Department of Higher Education and Higher Learning Commission of permanent closure, effective May 13, 2022. The Board of Trustees has voted to cease all academic programming at the end of the spring semester.”
Opened on President Abraham Lincoln’s birthday in 1865, Lincoln College reached record enrollment levels in 2019, but saw numbers sharply decline during the COVID-19 pandemic. This impacted their financial stability, putting them in a vulnerable position when they suffered a ransomware attack in December 2021.
The ransomware attack is believed to have originated in Iran. Though the college opted to pay the reportedly $100,000 to $115,000 ransom, the effects of the attack were irreversible, which the college outlined below:
“Lincoln College was a victim of a cyberattack in December 2021 that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections. All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester.”
While Lincoln College may be the first higher education institution in the U.S. to shut down in part due to a cyber-attack, chances are they won’t be alone forever.
In fact, a recent report estimates over 1,000 schools in the United States were victims of ransomware attacks in 2021. A quick Google search for “higher education ransomware attacks” reveals how frequent and impactful ransomware attacks on higher education are today.
To put the danger of ransomware in perspective, before they were attacked, Lincoln College survived the 1918 Spanish flu pandemic, the Great Depression, two world wars and the Great Recession.
Would they have survived the COVID-19 pandemic without the ransomware attack? Nobody knows the answer to that, but their odds would likely have been a little better.
So how can higher education institutions and businesses in general protect themselves from similar attacks?
Secure Back up Methods
Schneider Downs strongly encourages organizations to emphasize building robust recovery controls and capabilities such as secure backup and disaster recovery (DR) processes. Having offline backups is a plus, as is implementing network segmentation of backup traffic and management.
And while having DR systems connected to the domain (or domain authenticated) might not be the most secure choice, it does offer some protection.
Cyber Insurance
Organizations that want to be prepared for an attack like this need to determine if they should purchase cyber insurance and ensure that they have purchased an amount that can help them recover for losses incurred.
However, while cyber insurance can be an important business tool against cyber breaches, our recent article Cash and Controls: Qualifying for Cyber Insurance in 2022 explains why insurance is not a panacea for all organizations.
Employee Education
While the root cause of the December ransomware attack was not released, in many cases the initial breach occurs through end user error.
In an interview with WAND News, Sean Thomas, Senior IT Risk Advisory Manager at Schneider Downs, encourages organizations to make sure its employees are aware of the types of the attacks they may face and how to identify warning signs of a potential attack. Whether they learn this through simulated phishing attacks or periodic training, a better-educated employee is a more secure one.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].
In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.
Learn more about the European Security and Markets Authority's final regulatory technical standards regarding the Sustainable Finance Disclosure Regulation. ...
Learn more about the European Security and Markets Authority's final regulatory technical standards regarding the Sustainable Finance Disclosure Regulation. ...
This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.