Washington Adventist University acknowledges ransomware incident

Administrators at Washington Adventist University, a small private institution in Montgomery County, Maryland, are working with local and federal authorities to bring digital services back online after discovering a ransomware attack over the weekend.

A post on the school’s website states the attack was detected Saturday evening, disabling access to services including the university’s intranet, electronic point-of-sale devices, electronic signs around campus and many of the university’s software platforms.

The university is working with the FBI and Montgomery County Cyber Task Force to slowly bring services back online. Administrators didn’t mention details regarding the nature of the attack, such as the actors involved or any demands made.

“As with any attack of this nature, data may have been exposed. WAU will be working with forensic experts to identify what may have been accessed,” the post reads. “This is a situation that requires many professionals, experts, and institutions to properly work through the details and coordinate for the best outcome. There is a balance that has to be reached between access and security. The timeline therefore may be incremental rather than an overnight solution.”

The university, which is affiliated with the Seventh-day Adventist movement and enrolls about 1,500 students, said it will continue to operate in-person and Zoom-based classes, despite the outages. A ransomware incident last month at nearby Howard University caused a multi-day suspension of both in-person and virtual classes.

Washington Adventist’s president, Weymouth Spence, is scheduled to provide an update on the incident at the campus chapel Monday evening.

Ransomware attacks spiked during the coronavirus pandemic, and the education sector suffered an especially high number of attacks. A July report from the cybersecurity firm Sophos showed that 44% of education institutions globally were targeted by ransomware in 2020.