The National Cyber Security Centre has issued a specific alert to higher education institutions after a recent spike in attacks. In particular, both Northumbria and Newcastle Universities have come under attack in the last few weeks. These attacks come at the most critical time in the academic year, as universities recruit new students and prepare to welcome people back on campus.
Northumbria University first became aware of a “cyber incident” on 28th August, although this was only made public on the 31st. There was an immediate impact on students with the student portal and on-line learning systems being unavailable. Critically, the incident also caused disruption to exams and to a clearing hotline. As of 10th September the university reported that the on-line learning system was available again but other key systems such as accommodation and timetabling were still impacted. An update yesterday advised that most systems were now up and running but there were still intermittent issues with, for example, the website.
Only two days later, neighbouring Newcastle University also became aware of widespread IT problems. It has since been confirmed that this was a ransomware attack with a sample of files posted on-line. Once again disruption was very widespread, although Office 365 and the Virtual Learning Environment remained available. An update on 3rd September advised that recovery of systems would most probably not begin for at least another week, and a further update on the 4th reporting that SAP had been restored but that “The nature of the problem means this will be an on-going situation for some time and it will take several weeks to address.” Few further details have been announced since then, with the last holding statement, issued on 14th September, simply stating that investigations are ongoing.
Clearly these attacks could not have come at a worse time for universities already struggling to deal with the effects of the Covid-19 pandemic. You may also be interested in our recent blog posts about UK universities being impacted by a cyber attack on Blackbaud and the University of California, San Francisco responding to a ransomware attack.