Roanoke College has delayed their spring semester by almost a month after a cyberattack has impacted files and data access.

Roanoke College is a private liberal arts college located in Salem, Virginia, with approximately 2,000 students.

The college’s spring semester was originally scheduled for January 19th, 2021, but due to a December 12th “cyber incident” and spread of Coronavirus, the college has been forced to push back the semester’s start to February 8th, 2021.

“The delayed semester start also allows the College time to ensure that all network outages we are currently experiencing are resolved. As many of you are aware, Roanoke College experienced a cyber event which impacts our ability to access files.”

“As we work to get operations restored, it is unclear how long the Roanoke College network may be unavailable. The College website is currently operational, but some areas are not working due to the need for user logins to access certain functions,” Roanoke College explained in a news post about the schedule change.

College likely suffered a ransomware attack

While Roanoke College has not specifically stated what type of cyberattack they suffered, based on the information posted, it highly likely that they were hit with a ransomware attack.

In a series of status updates, the college explains that they suffered a “cyber incident” on December 12th, which forced them to disconnect their IT systems to stop the spread of the attack.

“On Saturday, Dec. 12, Roanoke College experienced a cyber event which impacts our ability to access files. The College’s IT staff disconnected the College’s network and began an investigation into this incident,” Roanoke College explains in an advisory.

In a series of subsequent updates, the college warns staff and students not to use their computers on the campus network or access their email and other Office 365 applications as they have not been identified as a “safe environment” at this time.

In an update posted yesterday, the college states that they have begun to restore files to the ‘Z:’ and ‘X:’ shared drives and that users have not lost any data.

“IT is working to restore the contents of personal Z: drives and departmental X: drives. However, we do not yet have a restore-from date identified nor a target date for the restoration work to occur. As of now, it appears that users will not lose the contents of these drives as a result of the Cyber incident,” the update explains.

It is unknown how long the restoration process will take to complete.

The education sector is increasingly under attack, with ransomware operations targeting IT systems when they are most needed for distance learning.

This month, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a joint advisory warning of increased ransomware, malware delivery, and DDoS attacks against K-12 educational institutions.