Image source: APSU
Austin Peay State University (APSU) confirmed yesterday that it had been a victim of a ransomware attack.
The university, located in Clarksville, Tennessee advised students, staff, and faculty to disconnect their computers and devices from the university network immediately as a precaution.
Subsequent tweets by APSU confirm that the attack is being contained and all employees are expected to report as usual.
‘Ransomeware’, ‘ransom ware’, ran somewhere
On Wednesday, April 27th, Austin Peay State University (APSU), via its official Twitter account, confirmed that it had been hit by a cyberattack.
Established in 1927, APSU is a public American university based in Clarksville, Tennessee, whose notable alumni have included reality TV fitness trainer Bob Harper, former NFL player Bonnie Sloan, and the current Secretary of the Kentucky Justice and Public Safety Cabinet, the Honorable Mary C. Noble.
“We are under a Ransomeware [sic] attack. If your computer is connected to the APSU network, please disconnect IMMEDIATELY,” tweeted the university yesterday.
Within a few hours of posting these tweets, APSU reassured that the cyber attack was in the process of being contained and that D2L, the university’s Learning Management System (LMS) was back up online at elearn.apsu.edu.
Further, the school confirms being open today, April 28th, and advises, “all employees report as normal,” and to check their APSU email inbox for further instructions.
Despite that, some users are continuing to report issues with the D2L portal.
ONESTOP & D2L are not working. Server won’t connect or gives me that my sign in is wrong. I haven’t gotten emails to update either
— Harley (@CreedjHarley) April 28, 2022
While some acknowledged the university’s transparency in promptly disclosing the cyber attack, not everyone seems pleased.
“PSA: this is not how you alert your faculty and students of a breach,” said IT Consultant Adam Parsons.
“I hope Twitter isn’t the only way you are notifying students and faculty,” tweeted another user Dan King.
Some were also skeptical of the institution’s approach to incident response [1, 2].
However, during an active ransomware attack, email and IT systems are typically shut down—often voluntarily by sysadmins attempting to control the damage from a cyber attack.
The varied spelling of ‘ransomware’ used by the school—’ransomeware’ and ‘ransom ware,’ within tweets and web pages, also drew a fair amount of ridicule [1, 2].
Higher education is another one of the sectors that continue to be targeted by ransomware groups.
Previously, prominent institutions including Stanford Medicine, University of California, Howard, and UK-based Sunderland, have all been victims of ransomware attacks with some attacks leading to data theft, system outages, and cancellation of classes.
The whereabouts of the threat actors that hit APSU, and the details of the ransom demand are yet to be known.
BleepingComputer reached out to APSU’s officials in advance with specific questions, but a spokesperson says there is no additional information to share at this time.
Update, April 28th, 08:33 AM ET: Added the university spokesperson’s response.
Source: www.bleepingcomputer.com