First published on
The closures illustrate the heightened risk of cyberattacks faced by colleges, which house reams of sensitive employee and student data. Attacks bring financial and operational risks, as schools often have to cancel classes as they recover their systems and restore security. 
A Lewis and Clark representative told Higher Ed Dive via Facebook that the school had limited information to share Monday. In online posts, the school told employees and students to remain off campus until further notice. 
“Out of an abundance of caution, all Lewis and Clark systems will remain offline as we continue to investigate the cybersecurity event and work to recover all critical systems,” the school said in a Facebook post on Sunday. “We appreciate everyone’s patience as crews continue to work around the clock to restore and monitor the safety of all systems before we bring services back online.” 
Butler County Community College’s IT division noticed widespread difficulties last week, according to a school announcement. Officials believe the attack originated Nov. 19, and the IT division notified the campus community on that date that it needed to perform maintenance on some of the college’s servers. 
The college, which enrolls roughly 3,000 students, is working with a regional cybersecurity firm to restore information. 
James Hrabosky, the school’s VP for administration and finance, did not immediately respond to Higher Ed Dive’s request for comment Monday. But Hrabosky said in an announcement Sunday that the college’s IT staff “worked extensively over the holiday break to address the issue.”
These events are becoming more common. Earlier this year, the FBI warned education institutions about a rise in ransomware. And in 2020, colleges and universities were the victims of at least a dozen ransomware attacks, according to an Emsisoft analysis
Ransomware attacks can be costly for colleges. In one recent case, the University of California San Francisco paid hackers $1.1 million to regain control of some of its hijacked servers. Although federal authorities advise against paying ransoms, the amount the university paid is likely much lower than what it would have spent recovering its data.
Follow on Twitter
Get the free daily newsletter read by industry experts
Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.
"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Get started
Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.
"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 
The free newsletter covering the top industry headlines

source