Cape Cod Community College was hit by hackers who stole over $800,000

• Cape Cod Community College was impacted by a phishing attack as a result of which $807,130 was stolen.
• The TD bank managed to block three fraudulent transactions attempted by the hackers and has recovered $278,887 till date.

The Cape Cod Community College, also known as the Four Cs, suffered a massive cyberattack. The phishing attack dropped a malware payload on the compromised systems and allowed hackers to steal the college’s banking information. The attack saw hackers steal $807,130 from the college.

The college said that it is closely working with the FBI and the TD bank to investigate the incident and recover the stolen funds. The bank managed to block three fraudulent transactions attempted by the hackers and has recovered $278,887 till date.

Recently, several computers in the Nickerson Administration Building on the Cape Cod Community College Campus were impacted by a phishing attack containing malicious malware.

“The malware targeted the college’s financial transactions. It appears as though it overwrote the URL address for the college’s bank, TD Bank, creating a fake site that looked and functioned like the financial institution,” John Cox, President said to Cape Cod Times.

Cox confirmed that the college found no evidence of any personally identifiable information (PII) or student/employee record having been compromised.

“Payroll and other financial services will not be impacted, and the College is working with our bank to recover the remaining fraudulent transactions. To date, $278,887 of the funds have been returned and the recovery process is ongoing,” he told in an email to the college communityon December 7, 2018.

What were the preventive measures taken?

• Upon discovery of the attack, the college took prompt action by identifying and containing the virus and replacing all the infected hard drives.
• The college is also installing next-generation endpoint protection software throughout the campus and is reinforcing security protocols with its employees.
• The institution will also be rolling out formal cybersecurity training for their faculty, staff, and students in the future.
• The college is working closely with the state and federal authorities to investigate the incident. It is also working with the TD bank, Comptroller’s office, and the Commonwealth in order to stay secure from any such future attacks.
• The college requested the community to be cautious while receiving any unsolicited emails or phone calls and report to their IT help desk in case of any such receipt.

“This attack on our College’s security demonstrates the power and danger of modern cybercrime. Despite ongoing cybersecurity training and continuous upgrades to the College’s network security, those with the power to execute a sophisticated malware attack found a way to do so,” Cox said.

“In order to combat these types of crimes, we must continue to invest in modern technology that identifies and eliminates these threats before they can detonate, and perhaps more important, we must all be vigilant in recognizing threats at our workstations,” he added.