Article Details

Kansas State University cyberattack disrupts IT network and services. Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. Kansas State University is a public land-grant research university offering 65 masters and 45 doctoral programs. It currently has 20,000 students and employs 1,400 academic personnel. On Tuesday morning, the university announced on its media portal that it was experiencing disruption in some IT systems, and by the afternoon, it confirmed a cyberattack had caused it. Impacted systems were taken offline upon detection of the attack, resulting in the unavailability of VPN, emails, Canvas and Mediasite videos, printing, shared drives, and mailing list management services (Listservs). "Please rest assured that we are dedicating significant resources to bring involved systems back online quickly and safely," read the status update. "Additionally, we have engaged third-party IT forensic experts to assist us in the ongoing investigation efforts." Guidance to academic deans for maintaining educational continuity, including using alternative resources, has been provided. K-State also advised students and staff to remain vigilant about suspicious activity and report it to the university’s IT help desk. Another status update published yesterday informs that email services for "K-State Today" will become available again starting on January 18, 2024, delivering daily announcements and research news to the K-State community. However, it is noted that the service will resume in a temporary format, featuring a different header image and a lower volume with select content. Also, a 48-hour delay in the email delivery is to be expected. More updates about the cyberattack and its impact will be posted on this page, but for now, there has been no mention of the possibility of a data breach impacting student or personnel information. This is the second published cyberattack on a major educational institute for 2024, following the ransomware attack on the Memorial University of Newfoundland (MUN) at the start of the month, which forced the organization to postpone the semester start date. At the time of writing this, no major ransomware groups have taken responsibility for the attack on Kansas State University, but it might be too early in the extortion phase for a public disclosure to be made.