Forward planning, a responsive and collaborative higher ed security community, and cyberthreat-savvy staff helped ward off a cyberattack in 2019.

The news from the IT help desk started coming in the week of December 8, 2019: at least four Coast Mountain College (CMTN) staff were reporting they had noticed someone or something was attempting to take control of their computers. The college had recently been seeing a rash of payroll phishing emails and failed login attempts, but this was something new.

Director of Information Technology Services Marc Snelling quickly reached out to BCNET to discover the attack was targeting many organizations. BCNET’s Manager of Information Technology Ivor MacKay had already been alerted that another institution was experiencing what was amounting to a global attack not targeted to CMTN or any one institution.

Marc quickly convened a meeting with CMTN’s executive to communicate the scope of the threat so that he could implement the necessary security measures. Thanks to his team’s forward planning, the BCNET security community and CMTN’s cyber-aware staff, the IT team was able to avert the attack, keep services operating and protect the college’s data. 

 

StrengthenING CMTN's Security Posture

When Marc joined Coast Mountain College in 2018, one of his mandates was to strengthen CMTN’s security posture to mitigate just such threats. After persuading CMTN’s executive of the importance of implementing security measures, his team worked collaboratively with BCNET to find and retain cybersecurity consultants, who were able to contribute meaningfully to CMTN security posture through measures such as a security scorecard and other best practices. 

Had these measures not been in place, the December attack would have put sensitive data and personally identifiable information at risk, everything from tax records, bank accounts and student financial records, to medical information and email services. Equally at risk would have been the college’s internet-dependent services such as VOIP and videoconferencing, services critical to the delivery of distance learning.

Having to ramp up his own knowledge quickly, and with the limited staffing and resources typical of a smaller institution, Marc turned to BCNET’s Manager of Information Technology Ivor MacKay for guidance. “I had to become an expert in a very short period of time,” says Marc. “BCNET helped with this.”

 

Collaborative environment enhances data security

Marc not only credits access to BCNET’s shared services for their success in advancing their security initiatives, he applauds BCNET for fostering a collaborative and collegial environment crucial for idea sharing and knowledge exchange. Shortly after the attack, Marc tapped into BCNET’s email lists to share details of the attack, and the successful measures the college took to fight off the attackers. When implementing new security initiatives, his team also took advantage of other BCNET services such as Nessus, a security vulnerability scanning tool.

“The best conversations I’ve had about IT security have been at the BCNET cybersecurity and member events. Sitting down face-to-face with the BCNET team and members, and knowing who to talk to, saves me time and helps vet resources. I’ve been able to gather information, and rapidly connect with higher ed IT decisions makers and security experts.”

MARC SNELLING

Director, Information Technology | Coast Mountain College

 

Collaboration is key

BCNET also helped him connect with another institution similar in size and resourcing to share knowledge and ideas for solutions. The efforts of Marc and his team have paid off. For example, since 2018, the number of external failed logon attempts have gone from 1,500/day to 200/day. In an academic, research and learning environment that is, by its very nature, open, collegial and inclusive, all higher ed institutions face similar challenges of reducing these threats and mitigating risk. Marc maintains that key to mitigating cyberthreats is not only forward planning, but collaborating with the higher ed IT community. “We have a collective responsibility to work together and share information. Collaboration through BCNET is essential. There really is no other way.”

“Higher education faces unique security challenges due to our open and collegial environments. Cyberattacks like the one we saw in 2019 threaten the security of CMTN's intellectual property and personal information, and pose a risk to our distance learning delivery services. In the past two years, thanks to proactive forward planning, we’ve made big strides in improving our security posture and have reduced threats more than five-fold. But what can’t be underestimated are the benefits of  the BCNET collaborative community in collectively addressing higher ed cybersecurity.”

JUSTIN KOHLMAN

President and CEO | Coast Mountain College

 

Cyber Savvy Staff 

While his team’s cybersecurity efforts and collaboration with the higher ed security community went a long way to strengthening CMTN’s security posture and mitigating the 2019 attack, Marc also points to the knowledge of the college’s staff for recognizing a cyberattack and alerting IT. He can’t emphasize enough that user education is key. “IT can only do so much.”

 “We’ve educated our staff, made them aware of phishing threats and provided training,” he says.

 

"That Coast Mountain College was able to avert a cyberattack is not only testament to their planning and cyber-aware staff, but to the power of a community that values collaboration. Sharing knowledge and best practices openly and generously is one of the best ways we can protect our higher ed institutions from just such threats. Being able to offer a platform and the means for higher ed IT professionals to collaborate is critical to safeguarding the sector."

BALA KATHIRESAN

President & CEO | BCNET