Ransomware attack less disruptive than earlier thought, NCU says
Published:Wednesday | February 9, 2022 | 12:10 AMAsha Wilks/Gleaner Writer
The January 20 ransomware breach at Northern Caribbean University (NCU) is expected to be resolved soon as administrators and the state-run cyber response team work assiduously to complete ongoing systems improvements.
Byron Buckley, NCU’s head of corporate communications, revealed that the breach was not as catastrophic as the university had previously suspected.
He stated that after investigations by NCU’s information technology technicians and the Jamaica Cyber Incident Response Team (JaCIRT), it was discovered that none of the important systems, such as accounting systems, had been significantly compromised.
Ransomware is a type of malware that encrypts files on a device, making them unusable for the files and systems that depend on them.
But although the hackers did breach the system, Buckley said it was theorised that they trespassed on the systems server but did not access key data.
It is understood that hackers had encrypted accounting and other files and demanded payment, but Buckley insists that no ransom negotiations were entertained.
The last time NCU received an update from JaCIRT was last week. Buckley was unable to confirm the status of the investigation.
The communications chief disclosed that students use a management system called Aerion, an online platform that facilitates access to lectures. Neither their records nor the lecturers’ capacity to teach has been compromised.
“It is not causing as much administrative dislocation. What we are tending to now is to make sure that we put in the protective systems, machine by machine,” he said.
External backup systems will also be examined, to ensure that they are capable of completing their functions.
All information technology-related activities on campus remain in abeyance.
According to Buckley, the displacement has not been significantly problematic, as students and teachers are using online classrooms.
Students who would be completing lab activities, and would have had access to on-campus facilities, will have to wait until the systems security evaluation is completed.