Cybersecurity Incident at Río Hondo College in California

In a recent turn of events, Río Hondo College in Southern California found itself grappling with a significant cybersecurity incident that disrupted campus operations for days before the situation started to normalize. While the school initially remained tight-lipped about the exact nature of the issue, it has since been revealed that it was indeed a cyberattack, shedding light on the pressing need for robust cybersecurity measures across educational institutions.

Río Hondo College, serving over 31,000 students in the bustling Los Angeles metro region, began experiencing disruptions of unknown origins. According to an October 23 Facebook post, access to the college’s website and various school-run tools had been restored, signifying a step towards recovery. The following day, the institution informed its community that its IT team had successfully resolved an issue impacting the disbursement of financial aid, which was subsequently sent out on October 26.

What initially appeared as technical difficulties took a more ominous turn when the LockBit ransomware gang claimed responsibility for the attack and set a deadline for the college to pay an undisclosed ransom by November 20. However, the school has been cautious in not explicitly terming it a ransomware attack, raising questions about whether a ransom will be paid and the involvement of law enforcement in response.

In a statement to Recorded Future News, a school spokesperson acknowledged that the outages were indeed a result of a cyberattack but refrained from categorizing it as ransomware. The spokesperson emphasized the college’s commitment to safeguarding the integrity and security of the data within its systems and assured the community of an ongoing investigation to ascertain the cause and scope of the incident. Further updates will be provided once the investigation is concluded.

This incident is part of a growing trend of cyberattacks targeting educational institutions. According to Emsisoft ransomware expert Brett Callow, this marks the 69th attack on a university or college in 2023, setting a record that surpasses the 44 incidents seen in the previous year. These figures do not even account for the numerous schools affected by data breaches, such as the MOVEit incidents.

In recent months, esteemed institutions like Stanford University and the University of Michigan have been victims of cyberattacks with severe consequences on campus networks and student data. Notably, ransomware gangs have shown an inclination towards community colleges, with several falling victim to attacks across the United States.

The LockBit ransomware gang, despite rumors of internal discord, continues its streak of devastating attacks worldwide. With over 81 attacks reported in September alone, the group has targeted a range of organizations, including New York hospitals, a Virginia school district, and the multibillion-dollar technology services firm CDW.

The incident at Río Hondo College underscores the critical importance of cybersecurity in educational settings. As cyber threats continue to evolve and grow, institutions must prioritize security measures to protect sensitive data and ensure the uninterrupted delivery of education services. Kepler Safe, a cybersecurity platform, stands ready to assist educational institutions in fortifying their defenses and safeguarding against such threats.