Another education establishment hit by cyber attack

A cyber-attack on a university has taken out all of its IT systems.


The University of Hertfordshire suffered a cyber attack on Wednesday night which has resulted in all online lessons having been canceled.


However, some face-to-face teaching that did not involve computers may be able to continue.


A statement reassured students that no-one would be "disadvantaged as a consequence of this".


A statement from the University said: "Shortly before 22:00 last night, the university experienced a cyber-attack which has impacted all of our systems, including those in the Cloud such as Canvas, MS Teams and Zoom".


"Please be reassured that our IT colleagues are working hard to rectify the situation as soon as possible."


With all its systems affected by the attack, the university halted its online teaching on both Thursday and Friday, and said other classes may go ahead, but "students will have no on-site or remote access to computer facilities in the LRCs (learning resources centres), labs or the

university wi-fi".


A spokeswoman for the university said it was working with Hertfordshire Police's cybercrime unit, and added: "There is currently no evidence to suggest that any data has been taken."


In March this year, the National Cyber Security Centre (NCSC) provided additional support for education establishments following a rise in ransomware attacks since late February.


The NCSC said there had been a spike in criminals targeting of the sector since late February as institutions welcome pupils and students back to the classroom. They recommend a ‘defence in depth’ strategy to prevent and mitigate attack.

The NCSC’s advice includes a number of practical steps which can be taken as part of a ‘defence in depth’ strategy, from installing and enabling antivirus software to having up-to-date and tested offline back-ups.


Paul Chichester, Director of Operations at the NCSC, said: “Any targeting of the education sector by cyber criminals is completely unacceptable.

“This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted.
“We are committed to ensuring the UK education sector is resilient against cyber threats, and have published practical resources to help establishments improve their cyber security and response to cyber incidents.”

You can find the guidance here: https://www.ncsc.gov.uk/files/NCSC-Alert-Further-targeted-ransomware-attacks-education-sector-March-2021.pdf

NCSC-Alert-Further-targeted-ransomware-a
.
• 262KB

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.