After the Hive ransomware group attacked Knox College systems, many students took steps to protect their financial security.
The first article in a series about the recent ransomware attacks.
Just days after fall term finals, the Knox College community was notified of a disruption due to the presence of ransomware in the college’s network. In the weeks that followed, Knox systems were thrown into a state of turmoil as the college investigated the situation. KnoxWireless, among other systems such as the Registrar and tuition payment portals, remained unavailable for weeks over winter break as Knox worked with a private cybersecurity company to repair and rebuild functionality. With winter term in full swing, and no conclusive end to the situation, Knox students are left wondering what will happen next.
Students surveyed largely reported feeling anxiety and confusion after first learning of the ransomware attack. Multiple students also reported that, at first, they didn’t take the threat seriously because of the email sent to students from the ransomware group.
“Their email sounded like a toddler screaming for attention,” sophomore Morgana Simpson said.
Other students found the situation to be comical or ridiculous. “[I felt] like I was at a comedy show,” senior Abbi Harb said. Sophomore Olivia Janunas also called the attacks “funny”.
Many of the surveyed students appreciated the communications from Knox College regarding developments in the attack and its aftermath. However, some criticized the college for being unclear about the severity of the attack, overcommunicating, and repeating the same information in each email. One student, Luis Borr, wasn’t enrolled during fall term and only learned of the attack through word of mouth from students.
“I feel [Knox College] wasn’t honest about how potentially dangerous the ransomware group was/is. I also don’t even know if this is over,” Borr said.
Knox reported the attacks to the Federal Bureau of Investigation (FBI), who will investigate to hold the perpetrator(s) responsible. Knox also hired cybersecurity experts to assess how much information was leaked and to build stronger security in their systems. All students were required to change their password and now must pass through two-factor identification to log into Knox systems. In the meantime, the college recommended the community monitor their financial statements, obtain a copy of their credit report, and place a fraud alert and a security freeze on their credit.
Ten of the 19 students surveyed received statements from their financial accounts. Several students reported taking little to no steps because they did not own credit cards or did not have credit at all. Only four of the 19 respondents obtained a copy of their credit report, or placed a fraud alert or a security freeze on their credit. Of the students who took any of the recommended steps, they all did so immediately or within a few days of learning of the attack. No students reported experiencing fraud.
“I feel wary, but fine,” Harb said.
In regards to the state of cybersecurity at Knox, responses varied. Several students reported feeling skeptical or anxious about their security, while others felt reassured that the college has now taken extra steps to protect vital information.
“I think if it wasn’t good then, it sure is now,” senior Sam Lorenz said.
Updates will be added as this story develops.