NWACC

A Ransom Note on the Network Printers Shuts Down NWACC's Systems

Wednesday, July 31, 2024ARinfrastructure failureadvisorymedium confidence

Confirmed Threat

In late July 2024, NorthWest Arkansas Community College shut down its computer network in Bentonville after a cyber threat, with staff reporting ransom messages printed on the school's networked printers demanding money for access to data. The college said it was investigating a ransomware incident and worked to restore systems in what officials called the first cyberattack at the college.

Alerts: 2
Response: —
Killed: —
Injured: —

Institution

NorthWest Arkansas Community College

Community College · AR

~8,000 studentsNWACC Alert

Confirmed Timeline

Alert Sequence

2 messages in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

INITIAL ALERTEmailWednesday, July 31, 2024

Approximate reconstruction236 chars

NWACC Advisory: The college is responding to a cybersecurity incident and has taken network systems offline as a precaution. Some online services may be unavailable. Do not enter credentials into unexpected prompts. Updates will follow.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

The shutdown was triggered by a ransomware threat; staff reportedly received ransom notes printed on the school's public network printers asking for money in exchange for access to data.

Reconstructed wording for the community advisory; the exact notification text was not published, so isVerbatimConfirmed is false.

FOLLOW-UPWebsiteThursday, August 1, 2024

Approximate reconstruction205 chars

NWACC Advisory: We are investigating a ransomware incident and are working with cybersecurity experts to restore systems safely. We will share updates as services are restored. Thank you for your patience.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

The college publicly characterized the event as a ransomware incident and said it was working to restore systems, framing it as the first cyberattack the college had experienced.

Reconstructed wording; the precise news-release text was not preserved verbatim in coverage, so isVerbatimConfirmed is false.

Context

Background

NorthWest Arkansas Community College in Bentonville is the largest two-year college in northwest Arkansas. According to the Arkansas Democrat-Gazette, in late July 2024 a cyber threat forced the college to shut down its computer network, with staff describing ransom messages that printed on the school's networked printers demanding payment for access to data. The Northwest Arkansas Democrat-Gazette reported the college issued a news release saying it was investigating a ransomware incident and working to restore systems, and a college vice president called it the first cyberattack at NWACC. This case is included as a non-physical campus emergency: a ransomware attack that disrupts operations and prompts a community advisory, an increasingly common incident type that still triggers institutional notifications even though no one is in physical danger.

Analysis

Key Findings

The attack announced itself by printing ransom demands on the college's networked printers

NWACC took its computer network offline as a precaution and investigated a ransomware incident

College officials described it as the first cyberattack the institution had experienced

The case illustrates how cyberattacks now generate campus advisories alongside traditional physical-threat notifications

Outcome

The college took its computer systems offline and investigated the ransomware incident while working to restore services. Officials described it as the first cyberattack at NWACC.

Provenance

Alert Sequence

Background

Key Findings

Sources

Related Cases