And since few college-age kids probably use "email" (rapidly become the equivalent to "snail mail" to them), am thinking it may have been one of the faculty who got gagged if that is how it happened. Otherwise misconfigured and/or unpatched servers could be another possibility.

I have NO idea what, but we must have some computer geniuses out there who can come up with something.

Its only a matter of time before someone seizes our electrical grid. THEN we're up shit creek
This is a terrorism tool waiting to be used

Cyber attacks are going to get more aggressive and more virulent... something has to be done. I think that strengthening our network infrastructure and placing a huge emphasis on cyber security should be part of the democratic platform. Because conservatives sure as shit aren't going to do anything about it.

Back in the late 80's when I became a programmer, it was standard procedure. Many... Far too many companies (and govt agencies) these days see it as an unnecessary expense. So... They just don't have it... Or they have some form of it but not enough to fully recover, making what they do have useless.

From what I've read, they'll plant their software in critical places and wait. And wait and gather more information. In the meantime the backups that "may" have been taken may have the same vulnerabilities implanted.

I'm believing the best backups are multiple, of different types, in different places (local, cloud, off-site).

And testing those backups on non-production systems. Verifying they are usable in whatever form you might need for full disaster recovery.

Oh. And don't trust your backup and anti-malware programs to always work. They can be infected also. The chinese and russians are quite adept. More so than most of our mega-corp IT departments. It's always harder to defend than to think up a new flaming catapult.

in a great community!

Disaster Recovery is not a backup in the sense most people think of one... At least not when done correctly. DR allows not only for full system recovery (on the same or different machines) but also targeted recovery. Items are saved at the same time they go into production and can be restored the same way. Make a change to a program... That gets saved as well. Data changes... Save it. In addition, items are saved not only by version but by date/time. Need to go back to yesterday... You can do it. Need to go back to last week... Or last month... Or six months ago... You can do it.

What you are describing is a lot of the reason so many companies are getting screwed. They just have a backup... Maybe two generations. Simply not sufficient.

"Oh. And don't trust your backup and anti-malware programs to always work."

oh... On that note, one more thing to remember is that these programs are only good against know virus/malware. If you are one of the first (or your company is) they will almost certainly be of no help to you.

Nothing is ever perfect and incidents can occur but a huge percentage of the computer problems companies face over the last 15 years or so are the fault of the companies themselves not wanting to pay to be able to restore their systems.