Virginia Tech was the target of two cyberattacks recently, but the university does not believe that data was stolen or taken.
Tech was one of possibly more than 1,000 businesses and other organizations that were affected by a ransomware attack earlier this month that was centered on U.S. information technology firm Kaseya, a Miami-based company that provides software tools to IT outsourcing shops.
Virginia Tech spokesman Mark Owczarski said Friday that a few university units use Kaseya.
He said the malware the hackers pushed out to Kaseya customers could have exposed Virginia Tech student data, but the university found no evidence that happened.
In a separate attack in May, encryption data was used to attack a university server, blocking the ability of the university to access the data.
Owczarski said that while hackers exploited vulnerable software on the server, there’s also no evidence data was taken.
The university has finished cleaning and restoring the server in the first attack, but it’s still in the process of restoring the computers in the most recent attack, which was more widespread.
In both incidents, Virginia Tech did not pay any ransom money, Owczarski said. The university notified Virginia Tech police as well as the U.S. Department of Education in the most recent attack, as required, because of the possibility that student data could have been taken.
Owczarski said that with all of the digital information the university manages and the recent rise in ransomware attacks, cyberattacks “are not unexpected” but that when attacks like this occur, “it is certainly disruptive and not without headaches.”
However, he said Tech’s precautions help curb attacks and the harmful effects.
“In general terms, we prepare for all this by investing in a very robust cyber security operation, which is constantly assessing, tracking and evaluating nefarious activities in order to safeguard our data and research from criminal elements, and putting in place protocols and training that protects our assets,” Owczarski wrote in an email.
Due to the rise of cybercriminals targeting colleges — a market viewed as highly lucrative — the FBI’s Cyber Division issued a warning in March explaining how hackers infiltrate vulnerable networks using malware that encrypts data on a computer, making it unusable. The cybercriminals may threaten to destroy the data or publicly release it unless a college pays up.
The FBI discourages ransom payments, because it may embolden cybercriminals.