The cyber incident has taken most of Newcastle University’s systems offline and officials estimates it will take weeks to recover.
While students are slowly preparing to return to their universities and colleges after a prolonged absence due to the Covid-19 pandemic, Newcastle University in England has been left reeling from a cybersecurity incident that has affected almost all its systems.
The university first became aware of the cyber incident disrupting its networks and IT systems on Sunday, August 30th, and deployed a full incident response plan to evaluate the extent of the issue and stabilize the situation.
Although Newcastle University only stated that it suffered a cyberattack without identifying a culprit, according to BleepingComputer the DoppelPaymer ransomware gang is claiming credit for the attack sharing 750Kb of stolen data on their website as proof.
Due to the early stage of the investigation, officials did not disclose whether any personal information was compromised. They however insisted that the university takes the security of its systems seriously and that it responded quickly to the situation.
Moreover, they confirmed that there was no evidence that the university payroll data had been compromised adding that their online payment system has not been affected either, since it is managed offsite by the university’s payment provider.
The incident response also brings issues itself. “All University systems – with the exceptions of those listed in the communications (Office365 – including email and Teams, Canvas and Zoom) are either unavailable or available but with limitations. Access may cease at any point,” officials said on the incident dedicated webpage.
University officials also warned that many of its IT systems will not be working and those that currently are operational may be taken offline without prior notice, staff may also lose access to their accounts without notice and devices may be removed if they have been impacted by the incident. The university also went on to recommend that students and staff should transfer any essential or critical data to their OneDrives.
An update from the University Executive Board to the staff has revealed that the ongoing IT issues have forced teams at the Faculty of Medical Sciences to register over 1,000 returning medical students manually over the weekend, before they were set to return on Monday.
Newcastle University’s IT service (NUIT) is working to recover its systems while aiding the Police and the National Crime Agency in their investigation. The UK’s Internet Commissioner’s Office has been notified as well.
Universities falling victim to cyberattacks are not an unusual occurrence, since besides handling the personal data of employees and students they tend to work on highly-valuable research. In 2019 a malware infestation led to a curious password retrieval process, where 38,000 people were forced to pick up their passwords in person.
written by Amer Owaida, ESET We Live Security