BENTONVILLE, Ark. — On the morning of Tuesday, July 30, officials at Northwest Arkansas Community College (NWACC) say they detected a potential ransomware cyber threat to their software system.
The threat caused the school to shut down their network, just weeks before the fall semester was set to begin.
One student in the accelerated nursing program reflects on the moments she first realized something was wrong.
"It came as a bit of a shock, because all these things have to be up and running for the Arkansas State Board of Nursing to be able to receive our transcripts and for us to be able to sit for the licensing test. So it's been a little bit stressful," student Holly Wright said.
Wright says her last final is scheduled for Wednesday and the school has been quick to support students through the attack.
"NWACC and the staff have handled it well given the circumstances. My last three tests have been paper finals," she adds.
Tom Kirkham, the CEO of Kirkham IronTech, says these criminals encrypt private data from companies, then financially extort them by threatening to dox the information.
Doxxing is publicly releasing that data or selling it to the highest bidder on the dark web.
Kirkham says the asking price could range from thousands to hundreds of thousands of dollars depending on the number of computers within a system that has been hit.
"They may use a metric by how many endpoints there are on the network, and then they'll demand that for the ransom," Kirkham said. "Because you got to remember, these are typically all automated attacks. They don't know who they're hitting, and they don't care."
NWACC has confirmed that all of their private data for students and staff is protected on the cloud, meaning it's possible they have not accessed it.
"If all the victim's data has been backed up, and the backup data has not been encrypted, then they can restore from a backup. But that may take time."
Right now, NWACC says they have a cyber security team actively investigating the issue along with the FBI Little Rock bureau.
"They're doing a forensic examination. Because in any modern attack these days, there's going to be multiple payloads. There's going to be servers, server back doors, credential loggers installed. There's going to be other things on the network and other clues maybe pointing to the actual people that did these things," Kirkham explained.
He adds no matter how big or small the company, everyone needs to protect themselves.
"It's no longer do it yourself. You've got to engage a security expert at some level. And if you, if you haven't done anything, you've got to do an assessment. You've got to figure out what your vulnerabilities are," he continues. "And any good cybersecurity company will be more than happy to help you do that.
NWACC released an updated statement saying, "NWACC's Fall semester will now begin on August 26th, with the expectation of health professions and apprenticeship programs starting on August 19. All student payment deadlines have also been extended until August 26th."
Watch 5NEWS on YouTube.
Download the 5NEWS app on your smartphone:
Stream 5NEWS 24/7 on the 5+ app: How to watch the 5+ app on your streaming device
To report a typo or grammatical error, please email KFSMDigitalTeam@tegna.com and detail which story you're referring to.