Jun 17, 2021 - News
To pay or not to pay: Lessons from DMACC ransomware attack
Illustration of a backpack with digital glitching.
Illustration: Brendan Lynch/Axios

Des Moines Area Community College will resume online course instruction Thursday, two weeks after a ransomware attack brought classes to a halt.

  • No ransom has been paid but talks with the "threat actor" continue, DMACC president Rob Denson told Axios Wednesday.

Why it matters: It's yet another wakeup call about our widespread vulnerability to hacks and the importance of investing in cybersecurity.

Catch up quick: DMACC's online courses were canceled June 3 and the college fully closed the following day because of the attack.

  • In-person instruction resumed June 9.
  • Investigators don't believe the hackers have "anything significant," but they continue talking with them as part of the investigation, Denson said.

The big picture: Ransomware is national crisis that FBI Director Christopher Wray this month likened to the Sept. 11, 2001 terrorist attacks.

Be smart: DMACC's public transparency and its resistance in paying a ransom is a show of leadership that should be commended, Sen. Zach Nunn, the past cybersecurity director for the White House National Security Council, told Axios.

  • Attacks are underreported because businesses and governments fear their reputations will be damaged if they publicly acknowledge them.
  • Paying ransoms can make an institution an even bigger future target.

What's ahead: Iowa lawmakers have recently pushed to standardize the reporting of cyberattacks against governments.

  • The requirements may help avoid the most dire consequences and better protect taxpayers, Nunn said.
avatar

Get more local stories in your inbox with Axios Des Moines.

More Des Moines stories

No stories could be found

Des Moinespostcard

Get a free daily digest of the most important news in your backyard with Axios Des Moines.