October 29,10.22 a.m.

Good morning, Campus Community.

Due to file encryption that occurred during the cyber attack, many individuals are attempting to restore their OneDrive files to a previous unencrypted version. You can restore files to an earlier version for up to 30 days.

IMPORTANT NOTE: Anyone who needs to restore their OneDrive files will have until November 8th to do so. Instructions for restoring your OneDrive are attached in an email sent this morning. You can call the ITS Help Desk at 505-426-2215 for assistance.

If you have a SharePoint Site that needs to be restored, please contact ITS for assistance.

Thank you,

ITS Support Services

October 24, 5:30 p.m.

Good afternoon campus community:

The recent cyber attack took down a critical server we use to monitor building temperatures and controls across campus. Because we are unable to monitor the buildings remotely, over the next couple of weeks, please call our front desk at ext. 3260 to report any heating and cooling problems with your building.

If you call after hours, please leave a message, or if you have a heating and cooling emergency after hours, please call Campus Police at ext. 3278.

Thank you,

Facilities Management
New Mexico Highlands University

October 23 9:07 a.m.

ITS reports that they are transitioning to the next phase in the recovery efforts. A number of the encrypted PCs were replaced with temporary units; the next phase is to begin rebuilding the encrypted equipment and getting them back to their original assigned user.

If you are experiencing technical issues preventing you from performing your job, please contact the ITS Help Desk at 505-426-2215.

ITS also notes that they appreciate everyone’s ongoing support and patience as the teams continue their work.

October 21 1:19 p.m.

Good afternoon.

Authentication services for Brightspace, Zoom, and Email (Office 365) have been restored. If you continue to have issues, please contact the ITS Help Desk at 505-426-2215 or itshelpdesk@nmhu.edu.

Thank you.

October 21 12:38 p.m.

Good afternoon, Campus Community.

NMHU is currently experiencing technical difficulties. Users are unable to sign in to Brightspace, Email (Office 365), and Zoom. ITS is working to resolve the issue as quickly as possible and will send out a notification as soon as the service is restored.

Thank you.


Q. Were employees’/students’ personal data compromised?
A. To date, there is no indication that employees’ or students’ personal data was compromised.

Q. I am unable to access Self-Service Banner, my NMHU Email account, or Library Services. What should I do?
A. These applications should all be available and ready for use. If you are experiencing issues, clear the cached items on your browser, restart your computer, and attempt to login again. Contact the ITS Helpdesk at 505-426-2215 if needed.

Q. Is it safe to use the university’s WiFi?
A. The NMHU Public network is available to use; however, it is not secured. Please treat use of this network like you would any public business or hotel.

Q. Is it safe to use the NMHU website, Brightspace, and email?
A. Yes, it is safe to access our website, Brightspace, and email.

Q. What do I do if I feel my computer was affected?
A. If you are using a university computer and your computer has not been scanned for viruses, please contact the ITS Helpdesk to inquire what next steps should be taken.

Q. My login credentials are being entered correctly, but I am receiving notification that my credentials are invalid. What should I do?
A. Attempt to reset your password on your own. If you are still unable to login with your new password, contact our ITS Helpdesk at 505-426-2215 and request an account reset.

Q. Will the semester be extended?
A. No. President Minner has been in touch with the Higher Learning Commission concerning our situation. HLC states that for all synchronous classes (classes that are real time with faculty such as face-to-face, Zoom, or blended) we are required to make up those hours. Because each class is different, faculty will decide how they will make up those hours. Suggested ideas include holding a discussion in Brightspace, extending class time, extra reading, a small group project, short presentations, or watching a movie related to the subject.

Coming Back On Campus

• ALLOW EXTRA TIME:  You will need to set up personal settings on your computers such as Zoom, Brightspace and email. Please allow time to do so either by arriving to your class early to set up your technology. Establish your log in on computers as soon as you can.

• RAPID RESPONSE FOR CLASSROOMS  ITS will have a response team to assist faculty with technology issues. If you are experiencing issues such as connectivity, applications like Banner, Brightspace, etc., please call the ITS helpdesk at 505-426-2215.

Be Aware

• ONE DRIVE AND SHAREPOINT Some Sharepoint and One Drive files may have been encrypted. If you have files on One Drive, you can restore them by following these step-by-step instructions. If you have encrypted files on Sharepoint, please call the ITS helpdesk at 505-426-2215 to have them restored. During the next few weeks, ITS will attempt to restore encrypted files not on Sharepoint or One Drive, but users should assume these files will not be accessible.

• If you have encrypted One Drive or Sharepoint, do not store newly created files on the services. Store them on your computer or backup storage until you have restored your One Drive or ITS has restored Sharepoint.

• If your computer is unplugged and on the floor, do not plug it back in and use it.

Applications Software: ITS has cleared the following enterprise applications available for use:

Banner, BDM, Degree Works, TouchNet, Workflow, and Text Alert; D2L Brightspace, Zoom, VIA, Office 365 Email, SharePoint, Slate, People Admin, CBORD Register and POS,

Credential Solution, Tutor Trak, Chrome River, Handshake, Paper-Cut and Library Databases.

Applications in-progress include (Infinitime, SPSS Statistical Software)

If there are other essential software applications not included on this, please contact the ITSHelpDesk at at 505-426-2215.

Oct. 17, 10:44 a.m.

Message from Provost Gonzales:

  1. With classes being canceled until Monday, October 21, 2019, we are extending the due date for faculty to be able to submit midterm and first 8-week final grades. The midterm grading process in Banner is currently open. Faculty members can enter grades as they complete grading of their exams.
  2. The new deadline for faculty to enter midterm and first 8-week term grades has been extended from to October 29, 2019 by 5 p.m. This will allow time for students to be able decide if they need to withdraw by November 1, 2019.
  3. Retroactive adds will be treated as instructor permission adds for one additional week, i.e. up to November 1, 2019
  4. Dr. Minner has been in touch with HLC concerning our current situation, HLC states that for all synchronous classes (classes that are real time with faculty such as face-to-face, Zoom, or blended), we are required to make up those hours. Because each class is different, we are asking faculty to decide how they will make up those hours.
  5. All faculty computers that were infected have been replaced.  Assessment of the infected computers for file restoration has begun but will take time.
  6. To prepare for Monday, Joe Gieri and the deans are doing a building by building review of classrooms and offices.

Oct. 16, 9:52

If you have a personal laptop, tablet or phone and have accessed the university through the wired or wifi network, your device has not been affected by last week’s cyberattack against Highlands. A simple rule of thumb: if you do not use your NMHU log in credentials to log into a computer (your Highlands username and password), your computer has not been impacted.

The attack exploited systems ITS uses to send updates to each Highlands PC through the university’s network.

As a matter of best practice, ITS recommends making sure your antivirus program is up to date on your personal device. While each antivirus program is different, most can be updated through a menu item in the program along the lines of “Update Software,” “Check for Updates,” or “Update Definitions.”

If you do not have antivirus software on your computer, ITS recommends installing  www.immunet.com for PCs or  https://cleanmymac.com/ for Mac.

Highlands’ public wifi is available for use, but it is an unsecured network, meaning the same care should be taken as logging into a coffee shop or airport wifi (https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks).

Oct. 16, 9:51

As ITS has begun the process of recovering computers, the staff has discovered a number of files from infected Highlands computers have been encrypted by the cyberattack. If possible, ITS staff is moving files from infected computers to isolated storage and will later attempt to find recoverable files. However, everyone should assume if his or her Highlands computer has been encrypted, the files stored on that computer will not be accessible.

To clarify: the files on these computers have not been stolen by the hackers, they have been encrypted to prevent access.