Security Experts:

Ransomware Attack a Nail in the Coffin as Lincoln College Closes After 157 Years

Ransomware Attack and Covid-19 Blamed for Closure of Abraham Lincoln's Namesake College After 157 Years

Lincoln College in Illinois, will close its doors on Friday, May 13, 2022. It had survived for 157 years through major world events, depressions and the 1918 flu pandemic – but has finally succumbed to the two great twenty-first century pandemics: Covid-19 and ransomware.

“Lincoln College has survived many difficult and challenging times – the economic crisis of 1887, a major campus fire in 1912, the Spanish flu of 1918, the Great Depression, World War II, the 2008 global financial crisis, and more, but this is different,” announced the college at the beginning of this semester. “Lincoln College needs help to survive.”

That help has not been forthcoming, and the college has notified the education authorities that it will cease all academic programming at the end of this week.

There is a tragedy here. The college was aware that it needed to improve its new enrollments, and it put measures in place to do so. It experienced record-breaking student enrollment in the Fall of 2019. It seemed the corner had been turned – but within months, the Covid-19 pandemic struck.

Covid had a major negative effect on the college. “The economic burdens initiated by the pandemic required large investments in technology and campus safety measures,” says the college. At the same time, enrollments fell again with new students choosing to postpone college.

Whether the college could have survived this alone is a moot point. But the second pandemic, ransomware, struck in December 2021. Little is clearly known about this. It is believed that the ransom attack originated from Iran and the demand (which was paid by the college) was less than $100,000.

The effect, before the systems were recovered, is clearer. “All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls.” The college would need to find new funding to continue; and that now seems impossible with (at the time of writing) just 48 hours to go.

The only question remaining is, ‘could this have been avoided?’ Covid could not have been avoided. But what about the ransomware? In commercial terms, Lincoln college is akin to an SMB – and SMBs are notoriously poor at cybersecurity. Even major enterprises with large security budgets fail to prevent ransomware attacks.

SMBs – and small colleges – should therefore ensure they have a robust ransomware response strategy in place beforehand. The most important part is a plan to regain operational status as rapidly as possible. Simply relying on recovering existing systems from encryption is the wrong approach because it is impossible to know how long it will take nor whether it is even possible.

The best route for SMBs with limited budgets would be a robust and secure backup system that will allow restoration to a temporary site with a service provider or in the public cloud.

Whether Lincoln College could have survived Covid alone, or the ransomware alone, are academic questions: it could not and did not survive them both together.

Related: New Malware Samples Indicate Return of REvil Ransomware

Related: Ransomware, Malware-as-a-Service Dominate Threat Landscape

Related: SecurityWeek Cyber Insights 2022: Ransomware

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.