PORTLAND, Ore. — After a cyberattack closed Clackamas Community College for nearly a week, students are back in class.
The college says they became aware of an online issue on Jan. 19, and students were unable to log in to the school's online portal, Moodle.
"I see that Moodle is down; I was like, 'Oh shoot, I can't get my homework'," first-year student Kainoa Medina said. "Then I was like, 'Let me check my information,' couldn’t access it and I was like, 'This is a really big problem."
About 16,000 students and 900 faculty members were locked out of the college's network. A spokesperson for Clackamas Community College called it an "attempted ransomware attack," and CCC President Tim Cook described it as "a significant cybersecurity incident."
While the school was able to isolate some systems from the network to protect them, they're still investigating exactly what happened and the extent of the impact.
"Usually, this is something like ransomware. A piece of software gets in, and it ends up taking hold of part of their environment or most of it," said Patrick Miller, CEO of Ampere Industrial Security. "Especially with schools, municipalities, it's actually more common than you’d think."
Miller said an attack like this one usually originates out of the U.S., and often times, the hackers will ask for a ransom.
"It's usually international actors that do this. It's usually international organized crime rings," Miller explained.
CCC did not say whether those bad actors that orchestrated the attack asked for money or if anyone's personal information was compromised, but that's something Medina is worried about.
"It was sinking in; it was like, 'Okay, well my information is probably stolen'," Medina said. "This is very unfortunate, and yes, I was very scared."
Miller says it can be difficult for any organization to defend against ransomware.
"The bad guys have to be right just once. They get one person to click on a link; they’ve got to get one person to open the wrong email," Miller said. "It's more and more difficult by the day to actually discern whether these things are real or not."
Oregon City Police told KGW their officers responded to the incident initially, but that federal agencies have now taken over the investigation.