A large number of universities and schools are affected by an international cyber-attack.

 

Amidst the high-stakes end-of-year season, a cyber-attack caused panic, uncertainty, and significant interruptions at a number of US, Canadian, and Australian institutions and schools.
The academic program Canvas, which is utilized by thousands of schools and universities, went offline this week due to an attack that was attributed to the hacker collective Shiny Hunters.

 

Canvas was "available for most users" by late Thursday, according to a website update from the firm that controls it, in structure. However, some universities continued to report problems on Friday.
An estimated 9,000 universities and schools worldwide were impacted by the cyber-attacks.

 

In order to give impacted students time to make up any lost work, Mississippi State University stated that it will be delaying Friday's final exams.
The BBC students were almost finishing a 2,900-word test essay when a ransom note appeared on their screens, according to Aubrey Palmer, a university student studying meteorology.
It said, "Shiny Hunters has breached Instructure (again)."

It threatened to make the stolen data public unless Canvas or the impacted colleges paid a bitcoin ransom.

 

"My knee jerk reaction was that I'd been hacked myself, because that's what it looked like," Palmer replied. "But then I actually read the ransom note and saw it was Canvas that had been hacked."
Palmer claimed that the message was in the possession of the professor and numerous other students, and that everyone in the room was staring around in bewilderment.

 

It wasn't obvious at first if their work had been saved.
Students soon became frustrated; according to Palmer, they were "so angry at the idea of having to redo" their tests.
Since then, the university has responded to what it called a "nationwide security incident" by sending out email updates to students, rescheduling tests, and encouraging them to disregard questionable messages.

 

On Friday, the University of Sydney informed students that "Canvas was unavailable" and advised them not to try to log in.

"We are one of approximately 9000 institutions around the world that are impacted by this outage, and we are still waiting for advice from Instructure," the college posted on its website.
The university acknowledged "how disruptive this is at a critical time in the semester" and stated that the outage had an impact on students' schoolwork and exams.
Exams scheduled after 12:00 local time (18:00 GMT) were canceled, according to a statement released by Idaho State University on Thursday.

 

In a statement sent to students on Thursday, Penn State University stated that "no one has access" to Canvas and that "within the next 24 hours" a "resolution" was doubtful. Exams that were supposed to take place on Thursday and Friday were canceled by the university.
The University of British Columbia in Vancouver told students in an update on Thursday night that Canvas was "unavailable due to a cyber-breach of its parent company Instructure" and recommended them to log out right away.
The University of Toronto stated that "multiple universities were affected" and that it was also touched by the breach.

 

The University of Chicago in Illinois briefly suspended its Canvas page following claims that it was targeted, and students at the University of California Los Angeles found it difficult to turn in assignments online using the Canvas platform.

 

The university-run publication, the Chicago Maroon, shared a screenshot of a message from Shiny Hunters that seemed to be requesting a ransom.
The message urged the university to avoid "the release of their data" and to speak with the hacking organization in secret "to negotiate a settlement."
Jacques Abou-Rizk, a master's student at Northwestern campus, claimed to have gotten the same message after clicking on a link in an email that seemed to be from a campus administrator.

 

"I didn't know what was happening," recalled Abou-Rizk. "It's a scary message to receive."
According to him, the institution addressed the matter on Thursday by stating that Northwestern was "monitoring an issue" in a generic email that was viewed by the BBC.
The email claimed that other IT infrastructure had not been impacted and that the university had no idea when Canvas will be restored.

On Friday, Abou-Rizk said that he was still unable to access Canvas and that the institution had not contacted him since.

 

"There's definitely anxiety surrounding not only being able to complete my work and access the sites that I need access to on Canvas," Abou-Rizk stated. "But also just not knowing exactly what the threat is and how it might affect me."I'm afraid because I have no idea what data will be made public."
Northwestern University has been contacted by the BBC for comment.

ShinyHunters has already been connected to a number of high-profile cyberattacks, including a significant and financially detrimental hack on Jaguar Land Rover last year.

Luke Connolly, a threat analyst with the cyber security company Emisoft, told the Associated Press that the groups targeted attacks started on Sunday and had deadlines set for Thursday and May 12.
He claimed that talks about extortion payments might still be going on.
What the gang intends to do with the data it says it captured during the most recent attack was not disclosed.

 

Thursday's cyber-attacks coincided with a letter from Chuck Schumer, the senior Democrat in the US Senate, to the Trump administration pleading for increased protection against cyber-threats in the era of rapidly advancing artificial intelligence.
Schumer said, "Before Americans are hit with outages, disruptions, and attacks that could put lives and livelihoods at risk," the Department of Homeland Security, which aids in preventing cyber-attacks, "must immediately help states and localities."