Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Attack a Nail in the Coffin as Lincoln College Closes After 157 Years

Ransomware Attack and Covid-19 Blamed for Closure of Abraham Lincoln’s Namesake College After 157 Years

Ransomware Attack and Covid-19 Blamed for Closure of Abraham Lincoln’s Namesake College After 157 Years

Lincoln College in Illinois, will close its doors on Friday, May 13, 2022. It had survived for 157 years through major world events, depressions and the 1918 flu pandemic – but has finally succumbed to the two great twenty-first century pandemics: Covid-19 and ransomware.

“Lincoln College has survived many difficult and challenging times – the economic crisis of 1887, a major campus fire in 1912, the Spanish flu of 1918, the Great Depression, World War II, the 2008 global financial crisis, and more, but this is different,” announced the college at the beginning of this semester. “Lincoln College needs help to survive.”

That help has not been forthcoming, and the college has notified the education authorities that it will cease all academic programming at the end of this week.

There is a tragedy here. The college was aware that it needed to improve its new enrollments, and it put measures in place to do so. It experienced record-breaking student enrollment in the Fall of 2019. It seemed the corner had been turned – but within months, the Covid-19 pandemic struck.

Covid had a major negative effect on the college. “The economic burdens initiated by the pandemic required large investments in technology and campus safety measures,” says the college. At the same time, enrollments fell again with new students choosing to postpone college.

Whether the college could have survived this alone is a moot point. But the second pandemic, ransomware, struck in December 2021. Little is clearly known about this. It is believed that the ransom attack originated from Iran and the demand (which was paid by the college) was less than $100,000.

The effect, before the systems were recovered, is clearer. “All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls.” The college would need to find new funding to continue; and that now seems impossible with (at the time of writing) just 48 hours to go.

The only question remaining is, ‘could this have been avoided?’ Covid could not have been avoided. But what about the ransomware? In commercial terms, Lincoln college is akin to an SMB – and SMBs are notoriously poor at cybersecurity. Even major enterprises with large security budgets fail to prevent ransomware attacks.

SMBs – and small colleges – should therefore ensure they have a robust ransomware response strategy in place beforehand. The most important part is a plan to regain operational status as rapidly as possible. Simply relying on recovering existing systems from encryption is the wrong approach because it is impossible to know how long it will take nor whether it is even possible.

The best route for SMBs with limited budgets would be a robust and secure backup system that will allow restoration to a temporary site with a service provider or in the public cloud.

Whether Lincoln College could have survived Covid alone, or the ransomware alone, are academic questions: it could not and did not survive them both together.

Related: New Malware Samples Indicate Return of REvil Ransomware

Related: Ransomware, Malware-as-a-Service Dominate Threat Landscape

Related: SecurityWeek Cyber Insights 2022: Ransomware

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.