GC software fell victim to a ransom-ware incident carried out by a third-party threat group on Nov. 26.
University systems have long been the target for cyberattacks. Regis University, a private university in Denver, recently experienced a cyber hack causing a shut-down of the institutions internet, email, phone and website. While it is not uncommon for large university computer systems to suffer a ransom-ware incident, it does not make a potential hacking incident any less frightening.
Some equate the term ‘hack’ with an intruder stealing information from a server, however that is not what took place. This potential threat was handled quickly with no compromise to the confidential information held within the university servers.
“Anything that’s on your network can get encrypted so that whoever tried to get on those systems whether it be a server or an individual laptop or desktop that data is encrypted where you can’t read it,” said Susan Kerr, chief information officer at GC.
Kerr explained how that morning a message appeared on a GC administrators computer screen stating that the server had been infected.
She also adds that while the group did ask for money to decrypt the information, GC was not involved in any monetary transactions with the third-party group.
GC has an incident response plan put in place to be prepared for situations like these. Kerr was notified by Jamie Defoor, director of Administration and Web Development Team, that an incident had taken place.
“The first reaction is to drop everything, this is incredibly important, start shutting down everything that we can shut down from a systems perspective,” Kerr said.
“What we saw is multiple systems started showing errors so we then at that point started looking into what the problem was,” Defoor said. “Then we took proactive measures to stop the spread when we identified that it was ransom ware.”
He also added that in today’s day in age these kinds of situations are a fact of life and it is about the response plan in place that determines how the issue is handled.
Kerr immediately began notifying the GC incident response team of what was taking place.
“Most of that conversation in particular in the beginning was verbal,” Kerr said. “We didn’t want to put anything in writing because we were still trying to learn what they have, what do they not have. If I send an email, are they seeing that email? Just to make sure that we are not putting anything in a format that would give them the ability to see what we were doing to try to combat it.”
The issue was resolved by the end of Thanksgiving break with only one server still down, the Bobcat card system. Students were unable to use their cards at certain locations while GC administrators continued to speak with vendors involving the restoration of the system. Students all over campus we’re questioning what could have caused this.
“I knew something was wrong because I use my Bobcat card every day, so it was very confusing when I was all of a sudden unable to swipe it.” said Grayson True, a sophomore sports medicine major.