Central Piedmont Community College classes resume after systems ‘corrupted beyond restoration’ in ransomware attack

CPCC victim of ransomware attack

CHARLOTTE, N.C. (WBTV) - Classes impacted by the ransomware attack at Central Piedmont Community College fully resumed Monday after the attack corrupted systems “beyond restoration,” according to school officials.

The college announced that it had experienced a ransomware attack on Feb 10.

According to school officials, a large number of classes were using a locally hosted version of the Blackboard learning management system (LMS), and the attack left CPCC’s system “corrupted beyond restoration.”

Blackboard also responded with a statement about the matter.

“CPCC is running a locally hosted version of Blackboard Learn which made it susceptible to the ransomware. We recommend that all of our LMS clients use our cloud hosted version of Blackboard Learn that would not have been susceptible to this attack and is always up-to-date with our latest security features,” a Blackboard spokesperson said.

What does CPCC ransomware attack mean for other schools?

CPCC’s system is hosted on a Windows operating system. A vast majority of ransomware attacks target Windows.

“This meant a great deal of course information was lost,” said Jeff Lowrance, Vice President of Communications, Marketing and Public Relations at CPCC.

Officials said last week, faculty worked to rebuild their courses in the BrightSpace LMS.

“Their hard work allowed the college to resume all classes yesterday,” Lowrance said. “One silver lining is that the college had planned to move all courses to BrightSpace in time for the fall 2021 semester.”

Lowrance said a number of courses had already been moved to Brightspace, and those classes resumed on Feb. 22, and those faculty were able to help train the instructors still using Blackboard.

The rest of the classes resumed Monday.

“The college is working with students on a course-by-course basis to ensure the technology interruptions do not have a negative impact on the work they have already done this semester and the grades they have posted,” Lowrance said.

College officials said that because most classes had to pause for about two weeks, the week previously set aside for spring break (March 8-12) will have to be used as instruction time.

“This is necessary to complete the spring semester on time, which is critically important for students in the last term of their programs of study,” Lowrance said.

According to the college, staff members discovered the attack Feb. 10. The college’s critical systems were taken offline through the night.

The college worked with the North Carolina Community College System Cyber Incident Response Team, the N.C. Department of Public Safety, the F.B.I and other agencies to determine the extent of the attack and restore any affected systems.

WBTV spoke to David Sims, CEO of Security First IT, in a Zoom interview. Sims explained how hackers use ransomware attacks to target businesses and institutions.

“(It) encrypts all the files either on the system or all the files that may be of a specific type and they won’t allow you access for a lot of those files unless you pay the ransomware,” said Sims.

He said more of these attacks have been happening in recent years and they can be very serious for large institutions like schools and hospitals.

“Worst case scenario you’re looking at replacing everything because you don’t know the extent of the damage and the extent of the infiltration of what happened and you will literally replace all of the computer systems and rebuild all the data if you can do that,” said Sims.

Copyright 2021 WBTV. All rights reserved.