Austin Peay State University in Tennessee first warned students of a ransomware attack through its emergency alert system on Wednesday, urging users on the campus network to disconnect immediately.
Minutes later, the university issued another alert: “APSU ALERT: Ransom ware attack. THIS IS NOT A TEST. SHUT DOWN ALL COMPUTERS NOW.”
The university sent out the alerts on its social media platforms using software from Rave Mobile Safety. About two hours later on Wednesday, the university announced IT teams were containing the attack.
Staff are reporting to campus as scheduled on Thursday, but students have a pre-set study day and were not planning to attend class on Thursday anyway, university spokesperson Bill Persinger wrote in an email to EdScoop.
IT staff at Austin Peay State are still assessing the impact of the attack, and some IT systems are offline, he wrote. The ransomware attack came two days before the scheduled start of exams. Attacking during administrative deadlines, exam periods or holidays is a common approach for bad actors seeking to raise the value of the data that they’re locking up for profit.
APSU, located in Clarksville, northwest of Nashville, enrolled more than 10,000 students in Fall 2020. The four-year institution is located in the city with the youngest population in Tennessee, according to its website, and competes in Division I sports.
The ransomware alerts on Twitter drew some quizzical responses from followers, with some asking why the IT team did not force a shutdown of the wireless network instead of alerting campus. Persinger declined to comment further on how the event unfolded, citing an ongoing police investigation.
Computer labs at Austin Peay State are still not open on campus, and staff are asked not to use their work computers, the Nashville TV station WKRN reported.
Ransomware continues to plague universities into 2022. Emsisoft’s Brett Callow tweeted that APSU is one of at least 12 universities or colleges to suffer ransomware attacks this year and that 10 of those institutions reported stolen data. APSU has not announced whether the attack compromised personal data.