Damage control is priority number one for the tech department at Cambrian College after their information systems were taken down on April 27.
A ransomware virus knocked a number of services offline, locking students and professors out of their systems at a critical time in the school year.
Cambrian was forced to push back dates for submitting final assignments as well as the dates that grades will be entered.
"Ransomware is a virus that installs itself on your system and it attacks any files that it can access and encrypts them so you can no longer open them," said Rick Daoust, chief information officer, Cambrian College.
"It asks for a payment in order to get a key so that you can access your files again. As of right now we have no knowledge of the origin of this hack but we know that it was a deliberate action that bypassed our security system."
This isn't the first time that the school has had to deal with a cyber attack, but this is the first time that it's happened at this magnitude.
"We've had individual instances before where one student has had their files hacked, but never on this scale where it's across the entire system," said Daoust.
The impact of this hack has put the school in a position where they've had to extend deadlines for final assignments, as well as the dates for professors to enter final grades.
Deadlines have been extended to for students to hand in assignments, as well as the dates for professors to enter grades. Daoust believes they are on track to have everything up and running by the end of the week.
A faculty member who did not wish to be identified says that this feels like a targetted attack and could have come from someone with an axe to grind with the college.
"This was a very carefully planned attack. The virus knew exactly which program codes to hit and cause the most damage to the school's reputation, student marks and records, student on-line work and presentations, all on-line courses, email servers, basically anything academic related," said the faculty member, who explained that the virus appeared to have been sitting dormant in the system for nearly a year and was triggered to activate on one of the busiest days of the school year.
"It did not strike Human Resources, Finance or Administration, far easier targets in general, and could tie the school up financially. This sounds more like revenge than a money grab."
The ransomware was programmed to ask for a transfer of 30 bitcoin, or roughly $54,000 in order to access the compromised files. Cambrian has not made any payments at this time and Daoust says that finding the source isn't as simple as just tracking where the payment would go if made.
"It's a bit outside of my area of expertise but these payments would be done through the dark web (a part of the web that is only accessible through special software, where users are anonymous and untraceable), so it's not as simple as just tracking a payment address," said Daoust.
Daoust says that at this time it's not known whether any students' or professors' personal information had been compromised and that the focus at this point is just to get everything back up and running.
"We're going to have to review our security once this is all sorted out and open an investigation to find out the source of this virus," said Daoust. "We've never had to deal with something like this so I just want to thank students and staff for being patient while we work to get things back to normal."
