See more in:
Is The Johns Hopkins University Prepared for a Cyberattack?
From obtaining Social Security numbers or credit card information to attempting to cause a widespread outage for a ransom, cyberattackers may target universities for a number of reasons. That’s why The Johns Hopkins University is preparing for the worst when it comes to cyberterrorism. The university held a cyberterrorism drill last fall and is currently following up on recommendations and findings.
The exercise, which took place in September, was designed to examine the impact of a cyber event on the campus and, in part, the larger Johns Hopkins University community. More than 200 people, including from university administration and various schools from the Homewood university campus, participated over the course of the two-day event.
The scenario initially started as what was thought to be a facilities issue, with electronic door locks malfunctioning and changes to the heating and air conditioning system. “At that point, people started realizing that this was all electronically hooked up to our networks, then IT got involved,” says Jim Aumiller, who managed the event in what was then his role as senior associate dean for finance and administration at the university’s Whiting School of Engineering. The exercise soon progressed into a large-scale ransomware attack on computer servers, administrative and student information systems, and telephone systems. All systems were down.
As a result, after the event, participating central university and school departments learned that previous methods of communications and communications tools played key roles in how the drill unfolded. “The way we communicate between the different teams could be more efficient,” says Aumiller, who is now the senior associate dean for strategic initiatives at the Whiting School. Main takeaways from the event, Aumiller says, were enhancing coordination between Johns Hopkins Information Technology (IT@JH) and the Incident Command System (ICS), developing messages and determining the recipients of the messages, and the need to have contingency plans for when communication systems are down. Other important next steps from the exercise include communicating to faculty and staff who the ICS incident commander is and conducting a more far-reaching exercise that would include all university campuses.
So is the university prepared to handle a cyberattack? “I think we are more prepared now to handle the crisis than five years ago,” Aumiller says. He says IT@JH and the ICS now directly communicate to ensure both are alerted of attacks in real-time. Aumiller adds that Johns Hopkins Facilities & Real Estate has a number of ways to override control systems if this scenario happens.
The university conducts an exercise on different crisis scenarios each fall. The planning team is selecting and coordinating its next exercise. “The beauty of doing this annually is we can keep this fresh on our minds,” Aumiller says.