University College London (UCL) has been hit by a major ransomware attack which has caused significant disruption to its normal academic operations.
The ransomware attack is believed to have infiltrated UCL’s network via a phishing email, with the ransomware then infecting a number of users’ personal and shared drives. In a statement, UCL said:
“Yesterday we suffered a ransomware infection that has infected a number of users’ personal and shared drives. We took the decision to disable access to the UCL N and S drives and some other systems to reduce the likelihood of further infection.
“We apologise for the obvious impact this will have across the university but it is important that we act quickly to reduce the further spread of this malware.
“We believe that we have currently contained the risk of further infection but this is still under active investigation.”
The UCL IT team made the decision to suspend personal and shared drives, meaning users will be able to access, but not make any changes to, files on these particular drives.
Ransomware has hit the headlines recently with attacks on finance and healthcare organisations. The worldwide cyber attack dubbed WannaCry brought ransomware firmly to the attention of the public, with the attack hitting the NHS, FedEx and Telefonica.
However, the UCL ransomware attack just goes to prove that ransomware attacks are not isolated to healthcare and big business. Although the financial payoff of hitting banks and big brands like Telefonica is obvious, education also holds a veritable trove of information. From research to the personal information of thousands of students, education has become one of the most targeted industries.
“While ransomware is infamous for its attacks on the finance and healthcare sectors, education is also one of the most targeted industries,” said Jason Allaway from IT company RES.
“This is because universities and schools hold the key to hugely sensitive data that they need to recover at all costs, but often don’t consider themselves a target in the way other sectors do. Criminals exploit this, knowing they are facing an organisation that may not be as security-savvy as they need to be.”
However, the problem lies in the fact that universities and schools may not consider themselves a lucrative target for hackers. This is where the educators need to be educated on cyber security.
“The first step is education, and not just for the students. Everyone involved in a university needs to be prepared, as after all, lecturers and other staff members are just as weak a link in the security chain if they don’t know what to look for,” said Allaway.
“Organisations should provide informative materials and classes on the techniques of hackers, such as phishing emails, how to spot these and how to counteract them. Coupled with this is technology, as there are a number of strategies that should be adopted. These include permission-based access, application whitelisting and blacklisting, not allowing files to execute or download and automating the onboarding and offboarding of students and staff so no security holes remain unplugged.”
Educational institutions, specifically universities, have deep pockets and vast amounts of sensitive information – making them a perfect target for cyberattack. Education needs to start regarding cyber security like any other business and start working on the premise that attacks are inevitable.