‘Ransomware’ attacks top London university

16 Jun 2017

University College London (UCL) has been dealt a blow on its online networks through a major cyber-attack, compromising the safety of student and staff data as well as their shared drives’ system, The Guardian reports.

The hit has led hospital trusts associated with the London school, such as the Barts Health NHS Trust, to suspend their email servers as a precautionary measure against new outbreaks. UCL said the attack began at 5pm on Wednesday.

Possible #ZeroDay #ransomware #phishing attack strikes @ucl campus, shared drives @guardian @alexhern @uclh – https://t.co/K1Tx4y4LP2 #UCL

— Jay Kelley (@JayJKelley) June 15, 2017

According to Graham Rymer, an ethical hacker and research associate at the University of Cambridge, UCL seemed to have responded well to the attack and had “locked it down pretty well”.

“One thing UCL did is to quickly switch all drives in the system to ‘read-only’ following the attack, which essentially prevented the malware from doing real damage,” Rymer said, as quoted by the BBC.

At first, the London school blamed it on “phishing” email linked to a destructive software, but later said it could be from clicking on a pop-up page, which then spread to a malware infection.

#UCL schooled by #hackers as it's whacked by major #ransomware #attack. #IT #security #cybersecurity https://t.co/7cbZjrfsX5

— Paul DL (@Paul_Dan) June 16, 2017

It warned it may be a “zero-day” exploit, where hackers take advantage of a security vulnerability the moment it is made public and before the vendor tries to fix it. This is the likely reason why it was not picked up by the university’s antivirus software.

The attack’s timing is interesting, as Rymer says hackers usually target people who are “more desperate” to get to their data, hence more willing to pay ransom.

“Currently there are a lot of students who will be putting the final touches to their dissertations, so it could be they were the targets,” Rymer said.

Every hour, one-third of universities in the UK alone are hit by a cyber attack, an EY Advisory research found. Higher education institutions’ large volumes of data and freedom of access make them vulnerable to a host of cyber threats and risks.