Austin Peay State University becomes latest US school hit with ransomware

Austin Peay State University sent out an urgent message to students and faculty on Wednesday afternoon warning of a ransomware attack affecting the school’s systems. 

The school sent out three tweets about the attack and the university police force put a banner on their website urging everyone on campus to shut down their computers as soon as possible.

They also asked anyone who had a computer connected to the school’s network to disconnect immediately. 

"We are under a Ransomeware attack. If your computer is connected to the APSU network, please disconnect IMMEDIATELY," the school tweeted.

APSU ALERT: Ransom ware attack. THIS IS NOT A TEST. SHUT DOWN ALL COMPUTERS NOW!

— Austin Peay State University (@austinpeay) April 27, 2022

In a statement to The Record, Austin Peay State University executive director Bill Persinger said university emergency managers issued a campus-wide alert notifying the campus to disconnect from the network at around 2:26 p.m. on Wednesday. 

The message was followed a few minutes later with a clarification to shut down all computers, Persinger explained. 

“The University’s Information Technology staff are investigating the incident at this time and believes they have contained the threat. There are no plans to alter university schedules at this time, as today was the last day of classes. Tomorrow is a study day, with exams starting Friday,” he said. 

It is unclear which ransomware group launched the attack. Emsisoft threat analyst Brett Callow, a ransomware expert tracking attacks on universities and K-12 schools, said the attack on Austin Peay State University would be the 12th on a U.S. university or college this year. 

Data was stolen in at least 10 of the ransomware attacks, Callow said, noting that multiple schools were hit by the BlackCat (ALPHV) ransomware group.

Ohlone College, Savannah State University, University of Detroit Mercy, Centralia College, Phillips Community College of the University of Arkansas, National University College, North Carolina A&T University, Florida International University, Stratford University are just a few of the US schools attacked with ransomware this year.

Recorded Future ransomware expert Allan Liska said colleges and universities continue to be attractive targets for ransomware groups.

“2022 is shaping up to be even worse than 2021 in terms of ransomware attacks on schools,” he said.

“Like primary and secondary schools, colleges and universities struggle and lack the budget and staff to properly secure themselves against the onslaught of ransomware attacks.”

Liska said through March of 2022, his team has recorded 37 publicly reported ransomware attacks against schools, compared to 127 in all of 2021. The first 3 months of this year have seen more attacks than in any previous year, he added.

Callow noted that the constant stream of attacks was more evidence that governments need to find a way to protect schools against ransomware. 

“The ongoing barrage of attacks costs millions, disrupts kids’ education and, in many cases, results in the personal information of staff and students leaking online,” Callow said. “Part of the solution is ensuring that schools actually implement basic good practices like using MFA. Unfortunately, too many still do not.”