A ransomware attack at New York City's Monroe College has shutdown the college's computer systems at campuses located in Manhattan, New Rochelle and St. Lucia.
According to the Daily News, Monroe College was hacked on Wednesday at 6:45 AM and ransomware was installed throughout the college's network. It is not known at this time what ransomware was installed on the system, but it is likely to be Ryuk, IEncrypt, or Sodinokibi, which are known to target enterprise networks.
Reports indicate that the attackers are asking for 170 bitcoins or approximately $2 million dollars in order to decrypt the entire college's network. The college has not indicated at this time whether they will be paying the ransom or restoring from backups while gradually bringing their network back online.
“The good news is that the college was founded in 1933, so we know how to teach and educate without these tools,” Monroe College spokesperson Jackie Ruegger told the Daily News. “Right now we are finding workarounds for our students taking online classes so they have their assignments.”
This outage has also brought down the college's website at https://www.monroecollege.edu/. When visiting the web site, users will be shown a blank page or a 504 error depending on the browser.
In a post to their Facebook page, the college addresses their web site outage by stating that they have their sleeves rolled up and are working hard to get everything up and running again.
"As you may have seen, our website is down as well as a few of our other systems.
Our sleeves are rolled up and we're working hard to get everything back up and running.
In the meantime, the College is open.
Classes are being held, student activities are taking place, and we're enrolling new students for September. So, if you're thinking about joining us next semester, come on in and say "hello"!
If you need to reach us while our emails are down, just give us a call at 718-933-6700.
Many thanks for your patience!"
Increased ransoms fuel further attacks
This attack is just another in a long list of organizations and cities who have been targeted by ransomware recently that are requesting large sums to restore victim's files.
This trend will continue as ransomware developers become emboldened by the large payouts recently received from two Florida cities. Last month, Lake City paid a 42 bitcoin ransom, or approximately $500,000, and Riviera Beach City paid 65 bitcoins, or approximately $600,000.
This has led The United States Conference of Mayors to make a non-binding agreement to not pay ransomware demands going forward.
Opposing Payment To Ransomeware Attack Perpetrators
1 WHEREAS, targeted ransomware attacks on local US government entities are on the rise; and
2 WHEREAS, at least 170 county, city, or state government systems have experienced a ransomware attack since 2013; and
3 WHEREAS, 22 of those attacks have occurred in 2019 alone, including the cities of Baltimore and Albany and the counties of Fisher, Texas and Genesee, Michigan; and
4 WHEREAS, ransomware attacks can cost localities millions of dollars and lead to months of work to repair disrupted technology systems and files; and
5 WHEREAS, paying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit; and
6 WHEREAS, the United States Conference of Mayors has a vested interest in de-incentivizing these attacks to prevent further harm,
7 NOW, THEREFORE, BE IT RESOLVED, that the United States Conference of Mayors stands united against paying ransoms in the event of an IT security breach.
Comments
thatrez - 4 years ago
3rd paragraph down should say DECRYPT not ENCRYPT
Lawrence Abrams - 4 years ago
Fixed..thx
peanutb - 4 years ago
Does anyone know the root cause of the attack?