Centralia College Ransomware Attack Made Data Inaccessible

(TNS) — Weeks of scanning individual desktop computers for malware and finding workarounds for services impeded by a ransomware attack that hit Centralia College's local servers on Feb. 14 have yielded some success. Life on campus is slowly returning to normal, and investigators are hopeful the attack didn't cause the school long-term harm.

Instead of stealing data from the campus, investigators found that the hackers encrypted data kept on the campus' local servers, preventing anyone from accessing it.

Investigators are hopeful most of the data can be recovered, but it will be some time before they know for certain.

"If the investigation continues to show that no personal information was stolen, and we are able to restore the data that has been encrypted, we will be able to emerge from this attack without significant lasting harm," said President Bob Mohrbacher in an campuswide email on Thursday.

Centralia College is insured against cyber attacks, Mohrbacher added.

While most of the college's information was transferred to cloud systems in 2020, the attack "has been highly disruptive to college operations and will incur some significant costs," Mohrbacher said.

All campus desktop computers and other devices that utilize the college's local servers were immediately shut down when staff discovered the attack the morning of Feb. 14. Since then, college staff have been working to restore tools and services that utilize the local servers, like the campus' wifi network, the bookstore's point of sale system and the school's website.

The website has since been moved to an external cloud server and was restored on March 2.

Tools like Canvas, ctcLink, Outlook email and others not located on our local servers were not impacted by the attack.

"It will be some time still until all of the issues related to this attack are fully resolved, but you can expect to see significant progress being made each day," Mohrbacher wrote. " Centralia College is a place filled with problem solvers, and you should know that they are working hard to address this challenge," he said.

Centralia College's IT Department continues to work with the State Board for Community and Technical Colleges, along with several external experts who specialize in ransomware attacks, to investigate the Feb. 14 attack and restore campus services.

Updates are being posted to the college's Facebook page at https://www.facebook.com/CentraliaCollege.

©2022 The Chronicle (Centralia, Wash.). Distributed by Tribune Content Agency, LLC.