A community college in California has been knocked offline and had its services disrupted following an apparent malware attack last week.
Merced College was knocked offline on Nov. 3, with the school saying on Twitter that it was experiencing a significant network disruption and that most technology functions of the district were offline. Taken down in the attack were all network communications, online platforms, the college website and other technology services.
In the days following the attack, the college district simply repeated the same message. In an update on Nov. 8, Merced provided an update saying that it had hired “some of the best experts in the field” and that the team was working to determine if personal identification information had been compromised.
In response to the attack, the college has also established a temporary website at mercedcollege.org to provide information to students and staff. According to a person familiar with the matter, the malware attack has brought Merced College to its knees and students and employees know very little about what is happening to their personal data. Systems still appear to be down.
SiliconANGLE reached out to Merced for comment but has not received a reply. Given that the district’s website and other services have been down for days, the obvious candidate for the form of attack is ransomware.
A search by SiliconANGLE failed to find any ransomware gang claiming responsibility for the attack on the dark web. However, if the ransomware attack was not undertaken by a so-called double-tap ransomware gang — one that not only encrypts computers but steals data and threatens to release it — the attack may not necessarily be publicized, either.
The cyberattack on Merced comes several months after the Los Angeles School District was knocked offline in a ransomware attack. Having refused to pay the ransom demands, 500 gigabytes of data stolen from the school district was published online a month after the attack.