The Ohlone Community College District (OCCD), with campuses in Fremont and Newark, was the latest victim in a string of ransomware attacks against higher education institutions. The cyber attack at OCCD took place on January 20, according to district officials, but the full scope of the intrusion, which comprised the personal information of an unknown number of the district’s students and former students, was not recognized until nearly a week later. OCCD’s email systems, phones, and student portal were disabled just as the spring semester was getting underway, according to a statement from the college.
Ohlone spokesperson, Jen Marquez, in an email to The Citizen on February 23, confirmed no ransom had been paid, but provided no additional details. “This is an ongoing investigation and we’re working with law enforcement and a third-party specialist,” Marquez wrote. “We must continue to protect the security of the college, and we are unable to share any other details regarding this information at this time.”
In a February 4 statement, OCCD said it has “no evidence of misuse of information,” but is offering “potentially impacted individuals access to free credit monitoring and identity protection services.” All systems were restored by February 5, according to Marquez.
Other colleges and universities hit with ransomware attacks in recent years include the University of California, San Francisco (UCSF), Michigan State University, Columbia College, and the University of Utah, according to a March 2021 article in Inside Higher Ed. UCSF paid a $1.14 million ransom to recover “sensitive information stolen from the institution’s School of Medicine,” according to the article.
Asked by The Citizen about the incident, State Chancellor Eloy Ortiz Oakley characterized ransomware attacks as “a growing problem, not just in California, but throughout the country.”
Speaking at his media briefing for student journalists on February 22, Oakley explained the California Community Colleges Information Security Center provides technical and professional development support for the local districts and can identify vulnerabilities in their computer networks.
Oakley also indicated that significantly more resources are being allocated for cybersecurity in the current annual budget, but cautioned, “as soon as we implement security measures, some nefarious group tries to get around them.” Marquez confirmed the Ohlone IT services department “has worked with the CCC Information Security Center for several years and has informed them about this incident.”
While several companies in the private sector, most notably Colonial Pipeline and meat supplier JBS, have been victims of high profile ransomware attacks, education is the “most affected sector” according to a June 2021 article in Educause Review. That article cited data from the Microsoft Security Intelligence site which showed the education category reported over 7 million enterprise malware encounters in the past 30 days compared to just 714,701 in the second largest category (retail and consumer goods).
BlueVoyant, a cybersecurity services company, in a 2021 report entitled “Cybersecurity in Higher Education” found that ransomware attacks on colleges doubled between 2019 and 2020. That same report indicated that the average cost of a ransomware attack in higher education was $447,000 in 2020. Perhaps most disturbing, BlueVoyant reported that 66% of the universities and colleges in its study “lacked all basic email security configurations” and three quarters “had open or unsecured remote desktop ports,” a vulnerability often exploited in ransomware attacks.
The Peralta Community College District was promised enhanced security as one of the benefits of the upgrade of its PeopleSoft/Oracle computer system last year. The cost of that project started at $6.3 million, but eventually rose to $9.9 million once licensing fees and a second phase were added. The Board of Trustees recently committed an additional $317,263 to retain a consulting firm (Huron) to manage implementation of the second phase of the PeopleSoft upgrade project.
Antoine Mehouelley, Perlata’s Chief Technology & Information Systems Officer, in an email statement to The Citizen, said “The Peralta Colleges…know the threat of a data breach is real and ongoing. Protecting the health and safety of Peralta students and employees remains our highest priority, and that includes the security of our personal data, keeping our private information safe. Peralta Colleges’ cyber security was enhanced by the PeopleSoft upgrade to version 9.2 and the move to Oracle cloud hosting. We’ve also recently added two-factor authentication for administrators.”
Mehouelley was reluctant to disclose additional details since “people with nefarious intent are watching closely.” He confirmed that Peralta also works with the CCC Information Security Center.