Des Moines Area Community College announced it is closing the college today as an investigation continues into a cybersecurity incident first identified Wednesday. The investigation prompted DMACC’s information technology department to voluntarily shut down all online instruction and the telephone system beginning Thursday afternoon.

There is currently no indication that student or employee information has been accessed during the incident. An external forensic firm is leading the investigation into DMACC’s internal network, which affects 12 campus and learning center locations.

“If the investigation determines that personal information was compromised, we will provide notification to individuals whose information may be involved and ensure that all individuals have access to resources and services they need to protect their identity,” DMACC said in an updated statement this morning. “Our goals right now are to identify what occurred, make sure the network is safe, and restore our full functionality. Although we are working to do this as quickly as possible, it may be a few days before functionality can be restored.”

Registration deadlines that were effective June 3 will be extended for students until the network is back online, according to an update posted on Facebook by DMACC. Missed tests and assignments that are due or past due will be adjusted by faculty; communication to students will be sent via DMACC Rave Alerts or through email. Students and staff with questions about the incident and the potential impact may contact dpo@dmacc.edu.  

Cyber threat level against private businesses urgent, White House warns in national memo
The voluntary system shutdown at DMACC occurred on the same day President Joe Biden’s administration warned U.S. businesses to take urgent cybersecurity measures.

In a memo, the White House warned that escalating cyberattacks are disrupting critical infrastructure in the nation, including the recent cyberattack on JBS USA, which owns meat processing plants in Marshalltown, Ottumwa and Council Bluffs.

Deputy national security adviser Anne Neuberger wrote that the Biden administration is working with partners to “disrupt and deter” attacks that deployed ransomware, reported by the New York Times and other national outlets. Biden signed an executive order on May 19 implementing new requirements to modernize cybersecurity defenses for the federal government and private sector industries.

“It’s a call to arms, and there are things businesses can do,” said Doug Jacobson, professor of electrical and computer engineering at Iowa State University. “This call didn’t give us something new to do. It may have made some companies think about the fact that they need to do more.”

Although all sectors are vulnerable to cyber incidents, organizations in critical infrastructure sectors are under extra scrutiny after a ransomware attack on Colonial Pipeline led to a six-day fuel supply shutdown, affecting nearly half of the East Coast.

“JBS was the first major volley at the ag sector. [Iowa] produces a lot of alternative energy, biodiesel and ethanol,” Jacobson said. “In the case of both Colonial Pipeline and JBS it affected their front-end systems, but that stopped them from being able to carry out their business.”

Cybersecurity specialists are now emphasizing security practices that block third-party intruders from easily navigating an organization’s internal network. Organizations that leave their internal networks open to navigate do so for convenience -- it’s easy for both approved network users and internal intruders to navigate. Segmenting one network into multiple smaller networks can disrupt an intruder’s path through network computers in the organization.

“A good analogy is going into a giant warehouse, with no walls, no guards, no cameras. I can steal pretty much anything I want once I’m inside a warehouse,” Jacobson said. “If my warehouse consisted of thousands of locked cages, it’d be much more difficult for attackers to get things. There’s a trade-off there. But that’s the sort of idea, making it difficult so that once [intruders] come in, they can’t go from computer to computer.”

“Having a plan of what you’re going to do is critical,” he added.