09-22-2020 , 05:23 PM
https://www.avira.com/en/blog/universiti...berattacks Why are ransomware attacks on universities increasing?
17 September 2020 by Jaime-Heather Schwartz and Vera Iurcu 5 days ago Cyberthreats such as phishing and ransomware are not typically part of the usual curriculum, but perhaps they should be. Around the globe, cyberattacks on universities are becoming more frequent and more sophisticated. Each year, hundreds of universities report being hacked, and the number continues to grow. For example, in the last decade, over 25% of all UK universities have been victims of ransomware attacks, with most incidents occurring within the last five years.
Limited budgets for IT staff and outdated technological infrastructure, as well as a lack of awareness, make universities easy targets for hackers. But what exactly do cybercriminals stand to gain from exploiting these networks? Let’s take a closer look at some of the most recent attacks before outlining how and why universities fall victim to hacking and ransomware attacks.
Recent ransomware attacks on universities
This July, the BBC reported at least ten universities in the US, UK, and Canada had students and/or alumni data stolen after hackers carried out a targeted ransomware attack on Blackbaud, one of the world’s largest providers of education administration and other software. One of the schools that confirmed the attack, the University of York, stated the stolen data included names, gender, dates of birth, addresses, and contact details, along with phone numbers and email addresses. More recently, Newcastle University suffered major data leaks and disruption of their network and IT systems due to a breach by DoppelPaymer ransomware operators.
Across the pond in the United States, the University of Utah paid almost half a million dollars to a ransomware gang to prevent them from leaking student data. Signs point to the NetWalker gang being behind the attack. This same gang has already been found responsible for three other incidents: one at Columbia College in Chicago, Michigan State University (no ransom was paid), and the University of California San Francisco (UCSF).
Its June 1st attack on the University of California San Francisco (UCSF) wound up extorting $1.14 million from the leading medical-research institution. Despite the IT team’s attempt to hurriedly unplug computers to stop the attack, it came to an end through the university’s secret negotiations with the NetWalker gang via a live chat on the Dark Web. Once UCSF had transferred the bitcoins to Netwalker’s electronic wallets, they received decryption software to restore all encrypted data.
However, it’s not always a ransomware attack. This year, successive cyberattacks shut down European supercomputers that numerous academic institutions were using to work on Covid-19 research. Mining malware was found on affected servers, suggesting hackers were attempting to steal system power to mine cryptocurrency. This points to the attack being motivated by financial gain rather than targeting sensitive data.
17 September 2020 by Jaime-Heather Schwartz and Vera Iurcu 5 days ago Cyberthreats such as phishing and ransomware are not typically part of the usual curriculum, but perhaps they should be. Around the globe, cyberattacks on universities are becoming more frequent and more sophisticated. Each year, hundreds of universities report being hacked, and the number continues to grow. For example, in the last decade, over 25% of all UK universities have been victims of ransomware attacks, with most incidents occurring within the last five years.
Limited budgets for IT staff and outdated technological infrastructure, as well as a lack of awareness, make universities easy targets for hackers. But what exactly do cybercriminals stand to gain from exploiting these networks? Let’s take a closer look at some of the most recent attacks before outlining how and why universities fall victim to hacking and ransomware attacks.
Recent ransomware attacks on universities
This July, the BBC reported at least ten universities in the US, UK, and Canada had students and/or alumni data stolen after hackers carried out a targeted ransomware attack on Blackbaud, one of the world’s largest providers of education administration and other software. One of the schools that confirmed the attack, the University of York, stated the stolen data included names, gender, dates of birth, addresses, and contact details, along with phone numbers and email addresses. More recently, Newcastle University suffered major data leaks and disruption of their network and IT systems due to a breach by DoppelPaymer ransomware operators.
Across the pond in the United States, the University of Utah paid almost half a million dollars to a ransomware gang to prevent them from leaking student data. Signs point to the NetWalker gang being behind the attack. This same gang has already been found responsible for three other incidents: one at Columbia College in Chicago, Michigan State University (no ransom was paid), and the University of California San Francisco (UCSF).
Its June 1st attack on the University of California San Francisco (UCSF) wound up extorting $1.14 million from the leading medical-research institution. Despite the IT team’s attempt to hurriedly unplug computers to stop the attack, it came to an end through the university’s secret negotiations with the NetWalker gang via a live chat on the Dark Web. Once UCSF had transferred the bitcoins to Netwalker’s electronic wallets, they received decryption software to restore all encrypted data.
However, it’s not always a ransomware attack. This year, successive cyberattacks shut down European supercomputers that numerous academic institutions were using to work on Covid-19 research. Mining malware was found on affected servers, suggesting hackers were attempting to steal system power to mine cryptocurrency. This points to the attack being motivated by financial gain rather than targeting sensitive data.
