Newcastle University, in the North East of England, has suffered a cyber attack which has already caused several days of disruption to its IT services.
And, the university warns, it will “take several weeks” to get systems up and running again:
Our teams are working with a number of agencies to address the current issues and are taking further measures to secure the IT estate.
The nature of the problem means this will be an on-going situation for some time and it will take several weeks to address.
Please be aware:
* Many IT services are not operating and will remain that way for the duration.
* IT services that are operating may need to be taken down without notice.
* Colleagues may lose access to their IT accounts without notice and they may not be re-enabled quickly.
* NUIT may need access to any IT system you keep or use.
* We may need to remove PCs, servers or other devices if we find out they are impacted, in order to carry out detail investigations
Newcastle University doesn’t say as much, but it would be a brave person who would be prepared to bet that this was anything other than a ransomware attack.
If that’s the case then, depending on the family of ransomware responsible, the university’s IT team may not only be scrabbling to restore systems from secure backups (if they exist) but also facing the possibility that the hackers have exfiltrated sensitive data from compromised computer networks.
The police and Information Commissioner’s Office (ICO) have been informed about the security incident.
The announcement of the attack at Newcastle University follows hot on the heels of what sounds like a very similar attack at Northumbria University, which since the end of August has closed its Newcastle campus, and felt forced to reschedule exams, due to being “the victim of a cyber incident…which has caused significant operational disruption.”
It’s not been a great time for either university, with Newcastle University listed earlier this year amongst the countless victims of the disastrous Blackbaud data breach.
Whether either university was specifically targeted by hackers is unclear at this point, but educational establishments are frequently thought of as relatively easy-pickings for cybercriminals because of inadequate investment in cybersecurity, their open nature, and a rapid turnover of both staff and students.