Breaking News
More () »

Regis plans to use its own cyberattack as security lesson for students

Days before the fall semester began, Regis University experienced a cyber attack. IT professionals are in the process of cleaning 1,800 campus computers.

DENVER — Students in Regis University’s computer science department will get real-world training in the field of cybersecurity after a cyber attack that crippled the campus’ network last month.

The attack targeted the Regis network around 2 a.m. August 22, four days before Regis’ fall session was about to begin, according to Jennifer Forker, a spokeswoman for the university.

“We know we were attacked by an international bad actor – that’s what they call them – I call them criminals,” said Shari Plantz-Masters, dean of the school’s computer science department.

“Those people were looking at disrupting Regis,” she said. “Why they were looking to disrupt Regis, I don’t know.”

RELATED: 2 Iranian hackers indicted for ransomware attack on CDOT, other agencies

RELATED: Ransomware attack on CDOT might have been stopped if it was one week later

It’s unclear whether the hackers were seeking any sort of ransom. Regis’ IT department acted quickly to shut down the attack.

“Once they recognized that that was going on, they immediately shut the systems down, took them offline to prevent further damage,” said Bob Bowles, director of the Center of Information Studies at Regis.

The attack impacted 1,800 computers on the school’s property, according to Forker. The computers have been quarantined, each with a sign warning users not to log on. IT professionals are working on each computer individually to get them back on the network.

The school’s phone system was also taken down by the attack.

The attack is still under investigation, according to Forker.

A real-life lesson

“It’s really not a matter of if anymore, there isn’t an organization that isn’t a target,” Plantz-Masters said.

Both Plantz-Masters and Bowles are working to make the cyberattack part of the school’s curriculum.

“Now we’ve got a real case that we’ve experienced firsthand,” Bowles said. “So once we know the details of that case we will incorporate that into our classroom learning.

“It’s an embarrassing situation, but you know what, instead of close holding it – we always tend to take the idea well it always happens to the other guy – well this time it happened to us,” Bowles said.

Bowles said once internal investigators release more information about the attack to his department, he plans to use a case study in the classroom and plan a conference for others to learn from it as well.

“I think we need to wage war on cyberattacks,” Bowles said.

“A lot of time students will say, 'well in our company or in our business they’re always saying we can’t afford to do this, or that’ll never happen, or we don’t have time to do this,'” he said. “I was explaining to them I said now no matter where you go in your career, no matter what job opportunities you have, you’ve lived it firsthand so now you know.”

It’s still early to say what the big takeaways from the Regis attack were, but Plantz-Masters already knows one area where students could benefit.

“I think we’ll emphasize business continuity a lot more because even if you know you’re potentially going to be attacked until it’s happened, you don’t realize all the implications of that,” she said.

SUGGESTED VIDEOS | Local stories from 9NEWS

Before You Leave, Check This Out