Cyber Incident Victim: College of the Desert
Date:
Jul 2022
Location:
United States of America
Summary
A California community college experienced a malware attack disrupting its network, causing widespread outages affecting email systems, the primary website, campus phone lines, and VPN access. While core academic platforms like Canvas, Microsoft Teams, and Zoom remained operational, the institution established a temporary website and utilized text alerts and social media for updates. IT staff and third-party experts worked to restore services, with the FBI investigating the incident—marking the second such attack against the college within two years. Despite the disruption, classes continued uninterrupted, student enrollment was preserved regardless of payment delays, and counseling services were maintained through alternative online platforms.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 4, 2022, College of the Desert in Palm Desert, California, experienced a widespread malware attack that disrupted most of its online services and campus infrastructure. The attack caused immediate outages affecting the college’s primary website, campus landline phone systems, email access for some employees, and VPN connectivity. While core academic platforms like Canvas, Adobe Creative Cloud, Microsoft Teams, and Zoom remained accessible through direct links, the institution established a temporary website (codnews.org) to disseminate updates and maintain critical student services such as counseling via Cranium Café. College officials publicly confirmed the incident as a "malware attack" and emphasized that summer classes would proceed uninterrupted, with assurances that students wouldn’t be dropped from courses due to payment system disruptions. The college’s IT department collaborated with an unnamed third-party cybersecurity firm to contain the incident and restore systems, while advising staff and students to monitor social media channels and emergency text alerts for updates.
This marked the second major malware incident at the college within two years, following a similar attack in August 2020 that also disabled websites and email systems while causing permanent data loss. The Federal Bureau of Investigation opened an investigation into the 2022 attack, though college spokesperson Nicholas Robles declined to confirm whether the same threat actors were involved or if ransomware demands accompanied the intrusion. Despite ongoing restoration efforts, the college maintained limited operational capacity through alternative platforms, redirecting student inquiries to Canvas portals for course materials and preserving administrative functions through manual processes. No class cancellations or academic timeline adjustments resulted from the attack, though the full scope of data compromise and long-term technical consequences remained undetermined as recovery continued. The incident reflected broader targeting of U.S. community colleges by cybercriminals, with at least 19 higher education institutions suffering ransomware attacks in 2022 alone according to industry analysts.