MEMORANDUM

TO: KIM NEWMAN; ATU SECURITY ANALYST

FROM: ADAM WILSON
SUBJECT: COMPUTER SYSTEM VULNERABILITES TO RANSOMWARE
ATTACKS
DATE: FEBRUARY 12, 2017

The increased prevalence of Ransomware attacks on public and private devices

poses a direct threat to Arkansas Techs computer systems and network, student
financial information, and academic records. Ransomware takes complete control of
an infected device or system, locking out all users. Files may be encrypted by the
software until a ransom is paid to the hackers, and destroyed if left unpaid. It is estimated
that ransomware attacks quadrupled in 2016.1

Loss of Essential Systems

Immediately following a ransomware attack, students and employees will be locked out of
the affected systems. Some systems or individual computers lack essential data or
functions, and a loss of access to those can be dealt with. If ransomware infects the main
computer system, access to student information and payroll will be lost. Operations in the
library and food services will be impossible. Without computers to record students use
of their meal plans, meals must be provided for free or paper records must be kept.

An infection in card readers across campus would debilitate normal operations. Ensuring
that staff and students had access to necessary buildings would also open buildings to
unwanted individuals. An increase in physical security measures would be necessary in
the event of a ransomware attack. Emergency stations could be infected as well, requiring
police or public safety officers to be stationed at all times.

In December of 2016, the Carrol County Sheriffs office was infected by ransomware.
Due to inadequate backups of files, a ransom of 2400 dollars was paid2.

1 Ransomware. (2016, July 11). Retrieved February 13, 2017, from https://www.us-cert.gov/security-
publications/Ransomware
2 Armstrong, E. (n.d.). Ransomware impacting Arkansas businesses. Retrieved February 13, 2017,

from http://katv.com/news/local/ransomware-impacting-arkansas-businesses
Compromising of Personal Information

The most vulnerable system to a ransomware attack is the internet connection. 12,000
students are enrolled at Arkansas Tech, each with a school email account. Ransomware is
extremely prevalent in scam and phishing emails. One infected email being opened on a
campus device can infect the entire network.

Detailed financial and personal information is kept for every student and faculty member
of Arkansas Tech. If the records are ransomed, nothing can guarantee that the
information contained in the records has not been compromised, even after a ransom has
been paid. Identity theft following an attack could impact all student and staff.

Conclusion

A ransomware attack has the potential to cripple campus operations and jeopardize mass
amounts of personal information. To prevent attacks, Firewalls must be kept up-to-date,
and students and staff must be informed of emerging phishing and scam emails, and
extensive antivirus software must be maintained on all school devices.

A backup of essential files (financial documents, academic records, payrolls) should be

frequently updated and isolated from the ATU network. This backup will provide the
option of wiping machines in lieu of paying a ransom.