A community college with 12,500 students in California has been hit by a cyberattack that took down online services and phone lines.

The attack, targeting the College of the Desert, took place on July 4. The specific form of the attack was not disclosed. A spokesperson for the school told the Desert Sun Tuesday that the computer disruption was caused by a “malware attack.”

Some services remain available for students, including Canvas, Adobe and some ancillary systems, and the college has established a temporary website to provide some basic services while its network is restored. The college also said that students who have not paid fees due to the outages will not be dropped from classes and that the cyberattack does not affect classes.

The U.S. Federal Bureau of Investigation has been informed of the attack and the college has employed a third-party firm to attempt to minimize further disruption. This is not the first time the college has been targeted in a “malware attack,” with a similar incident taking place in 2020.

Although the college may be vague on the form of attack, the obvious candidate is ransomware. Schools, colleges and universities are regularly targeted by ransomware and, given that the attack caused widespread outages at the College of the Desert, a ransomware attack involving encrypted files crippling the college’s network is highly likely.

Josh Rickard, senior security solutions architect at low-code security automation company Swimlane Inc., agreed, telling SiliconANGLE that educational institutions have continued to be a prime target for ransomware groups over the last couple of years.

“While College of the Desert has not said whether the incident was a ransomware attack, only calling it a ‘computer network disruption,’ it is clear that the cyberattack has impacted operations significantly by bringing down the school’s online services and campus phone lines,” Rickard said. “Education institutions such as College of the Desert need to devote more resources to information security teams, tools, processes and products. These programs allow for full visibility into IT environments and can thwart malicious threats in real-time.”

Sally Vincent, senior threat research engineer at security operations center provider LogRhythm Inc., noted that the attack on College of the Desert follows a string of similar cyberattacks in the last year. The long list includes Ohlone College, Savannah State University, University of Detroit Mercy, Centralia College, Phillips Community College of the University of Arkansas, National University College, North Carolina A&T University, Florida International University, Stratford University, Austin Peay State University and Kellogg Community College.

Photo: College of the Desert/Facebook