How did it happen?
The cyber attack consisted of a ransomware attack, in which the attackers encrypted Vives’ systems and demanded a ransom for the release of the data. Such attacks are often carried out through phishing or by exploiting vulnerabilities in IT infrastructure. While the exact path of the attackers has not been shared publicly, it is known that ransomware is a common method of attacking educational institutions due to its reliance on digital systems.
What was the impact for the college?
The impact was significant. Vives had to close its doors because access to digital platforms, such as online learning environments and administrative systems, was completely disrupted. Students were unable to use the digital learning environment, and employees were also unable to access essential systems. The recovery process took several days, with the college remaining closed for several days, causing a major disruption in education.
How could this have been prevented?
Although cyberattacks such as these are becoming more common, there are steps that educational institutions can take to increase their resilience:
- Strong password and access management: Implementing multi-factor authentication (MFA) and changing passwords regularly can make unauthorized access more difficult.
- Staff and student training: Awareness of phishing attacks and other common attack vectors can help minimize human error.
- Backup and recovery plans: Regular backups of important data and robust recovery plans allow institutions to recover quickly without relying on ransom payments.
The incident at Vives shows that educational institutions are an attractive target for cybercriminals. If your business or organization needs help strengthening your cyber security, we can support you in establishing preventive measures and recovery strategies.
