Community College Ransomware Attack Wreaks Havoc

An apparent community college ransomware attack this week wreaked havoc on the school’s network and telephone system, and disrupted classes.

The attack shows that while the Colonial Pipeline and JBS USA attacks grabbed headlines in the past few weeks, other, lesser-known attacks are wreaking havoc.

Des Moines Area Community College (DMACC) canceled all classes for four days after malicious hackers forced it to shut down parts of the school’s network and telephone system. We don’t yet know if DMACC has paid a ransom.

DMACC had to post updates on Facebook, Twitter and a bare-bones version of its site. It also asked faculty, staff and students to avoid using Microsoft Office 365, as well as online learning platform Blackboard.

Online Classes Still Canceled

On Friday, DMACC resumed in-person classes; however, it hasn’t resumed online classes due to continuing network limitations.

In addition, it asked faculty and staff not to sign on to any computer while at any DMACC location.

DMACC said it continues to make progress toward restoring its network and “bringing us all back online together.”

Armis’ Nadir Izrael

To find out more about this community college ransomware attack and why bad actors are targeting schools, we spoke with Nadir Izrael, Armis‘ CTO. He said the school is still trying to figure out how deeply the hackers got into its network. They’re also trying to determine if the hackers stole any personal information.

Channel Futures: What do we know about how this attack occurred? Were the threat actors successful in their attack?

Nadir Izrael: The hackers were successful in their attack as the security incident forced the school to shut down parts of its network, resulting in online classes being canceled for four days and counting, and telephone systems. The attack appears to be ransomware, but we’re still waiting on confirmation.

Check out our slideshow above for more of Simpson’s comments on the attack, and more of this week’s cybersecurity news.