UCL’s networked and shared drives have been shut off as it tackles the cyber attack
Students and academic staff from University College London (UCL) are facing disruption after a ransomware attack encrypted shared and networked files belonging to the university.
Silicon was first informed of the cyber attack by a source familiar with the issue; further details later emerged suggesting that the attack appears to have occurred through the exploitation of a zero-day flaw.
UCL has warned staff and students that they may face “very substantial disruption” from the ransomware attack. The university has shut off access to the infected drives in a bid to tackle the attack and will then likely restore the drives to a previous working state; this could lead to a loss of data and thus add further disruption.
Details of the attack remain unclear; UCL informed Silicon that it is still looking into the attack.
Ransomware hit UCL
“Yesterday we suffered a ransomware infection that has infected a number of users’ personal and shared drives. We took the decision to disable access to the UCL N and S drives and some other systems to reduce the likelihood of further infection,” said UCL’s Information Services Division (ISD).
“Our current hypothesis is that the infection started as a result of UCL users visiting a website that had been compromised. Clicking on a popup or even just visiting a compromised site may have then introduced the malware to their device.
“The website could be one that they use regularly. We are still trying to confirm this and determine the site that may have caused the infection. Currently 12 users’ local or shared drives have been infected and encrypted.”
As one of the leading universities in the world, UCL has a veritable treasure trove of academic information, research and valuable projects carried out in conjunction with industry, all of which are of significant value.
No doubt UCL has robust cyber security systems and policies in place, but as the flaw was not detected and potentially falls into the category of ‘zero-day’, the university was arguably defenceless against such an attack.
Public sector organisations appear to be having a horrid time with cyber attacks at the moment, notably with the WannaCry ransomware, which wreaked havoc across a large number of NHS hospitals.
There are ways to tackle such threats, as Trend Micro told us at Infosecurity 2017, but it requires a good deal of legwork.