Online and hybrid courses will remain suspended Wednesday at Howard University following what officials have described as a ransomware cyberattack.

But hands-on courses — such as lab classes or clinicals for nursing students — will resume, officials said Tuesday afternoon.

The university is also working to deploy an alternative WiFi system, but it is unclear when it will be up and running.

“The situation is still being investigated,” Howard officials said in an message about the cyberattack. The school’s technology services team “and its partners have been working diligently to fully address this incident and restore operations as quickly as possible.”

Officials are still determining what information has been accessed during the attack but said there is no evidence so far that personal information was stolen.

The university’s information technology team first detected the problem Friday, leading officials to take many university systems offline. Internet service remained disrupted throughout campus over the holiday weekend, leading officials to cancel Tuesday classes.

“Based on the investigation to date, we know that the service disruption was caused by a ransomware cyberattack against the university,” according to the statement. “We are currently working with leading external forensic experts and law enforcement to fully investigate the cause and impact.”

Frank Tramble, a spokesman for the campus, added that university officials are in contact with the FBI and the D.C. government.

In a statement Monday, officials at Howard said the campus WiFi would be down “until we determine the best and safest path to stand it up.” Officials said they will deliver daily updates at 2 p.m.

Cyberattacks have been on the rise. The FBI and the Cybersecurity and Infrastructure Security Agency last week warned of an increase of ransomware attacks on holidays and weekends, when offices are typically closed. Universities are not exempt.

“There’s been some big-name universities involved. Howard is just the latest one,” said Lisa Plaggemier, interim executive director at the National Cyber Security Alliance. The University of California system was targeted by a cyberattack in the spring. And the University of Utah paid more than $450,000 to hackers in August 2020. “Universities can be perceived by bad guys as having deep pockets.”

But institutions may want to avoid making payments.

“As long as people pay the ransom, it’s going to keep happening,” Plaggemier said. Instead, institutions should do more to train students and employees to recognize potential attacks, which often come in the form of phishing emails. “Any security professional will tell you it’s a matter of treating [attacks] like a when, not an if.”

In another message sent Tuesday morning, university leaders told the community to be wary of emails prompting them to download data, exchange money or relinquish contact information. The campus has also been asked not to use university email addresses to set up usernames on retail websites and other prohibited sites.

“Each stakeholder on our campus must operate with a sense of heightened awareness,” officials said. “Treat emails from unknown senders as suspicious until you know who has sent it.”

More than 11,000 undergraduate and graduate students are enrolled at Howard, according to the university’s website. It was unclear from the university’s statement how or whether the Internet outage affected Howard University Hospital.

Nnamezie Ononuju, a first-year medical student at Howard, said the outage forced him to leave campus Sunday for two hours to study at a Starbucks, where he could connect with the WiFi. He said the medical school was unable to upload lecture recordings on Friday because of the disruption.

“Over the course of the weekend, I saw many Howard students on their laptops at coffee shops and anywhere else they can obtain WiFi, even the Subway on Georgia Avenue,” he said.

lauren.lumpkin@washpost.com

paul.schwartzman@washpost.com

Dana Hedgpeth contributed to this report.