Tag Archive for: university

Scottish university hit by Rhysida ransomware gang

/in


Data supposedly stolen from the University of Western Scotland (UWS) in a ransomware attack has been put up for sale on the dark web by a newly emergent ransomware gang going by the name of Rhysida, which is asking for approximately £450,000 in Bitcoin, with plans to sell it to the highest bidder in the next few days.

According to the BBC, the incident began earlier in July and caused a brief period of downtime across some of UWS’s key systems, including its public-facing website.

The data on “offer” supposedly includes the personal details of staff members, including financial and National Insurance data, and a number of internal university documents.

A UWS spokesperson told Computer Weekly that the organisation had been the victim of a cyber crime affecting a number of digital systems.

“All appropriate steps continue to be taken to manage the situation,” they said. “The incident remains an ongoing criminal investigation and we continue to work closely with the relevant authorities, such as Police Scotland, the National Cyber Security Centre [NCSC] and the Scottish Government, who are providing support and advice. We have also reported the incident to the Information Commissioner.

“Working alongside these agencies, we are following a controlled process to work towards a resolution. We have been briefing colleagues and students since the start of this incident, and have advised colleagues that some staff data has been accessed. Staff continue to be contacted directly and provided with information and support. Our priority remains to ensure our university community and partners continue to be informed and supported at all times, while we work with law enforcement agencies as part of the ongoing criminal investigation.”

UWS said it was not able to address additional questions this time, and nor did it confirm whether or not the data dump was genuine or not.

Stolen documents

The Rhysida ransomware gang – which draws its name from a family of large centipedes found across Africa, Central and South America, and South and Southeast Asia – is a relatively new operation which has yet to accumulate victims at scale, and about which little is known, although…

Source…

Scottish university allegedly targeted in ransomware attack

/in



Data supposedly belonging to the University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang. The university admitted to experiencing system issues earlier this …

Source…

Canadian university dealing with ransomware attack on email system

/in


Canada’s University of Waterloo is dealing with a ransomware attack on its email system, the school confirmed this week.

On Wednesday, the school vice president Jacinda Reitsma said the university had stopped an attempted ransomware attack on May 30 and has been working to limit the impact of the initial breach that preceded the cyberattack. The Waterloo, Ontario-based school serves more than 40,000 students.

Reitsma explained that the school’s on-campus Microsoft Exchange email services were affected by the ransomware attack, sparing those who only use their cloud-based email.

But as a result of the attack the school had to disable the email system temporarily meaning students could not log in or create new accounts. Students also were not able to sign into other educational platforms with their email credentials, like Workday, Waterloo LEARN, and more.

“We are aware of a breach involving our on-campus email service (Microsoft Exchange). This service has now been isolated. Most Microsoft Exchange accounts are currently housed in the cloud and are not affected,” Reitsma said.

“This means that for most people on campus, your email access is unaffected. As we continue to investigate the impact of this breach, we may need to isolate more services which means you may not be able to access some systems throughout the day today.”

In an update on Thursday, the school said it was initiating a complete system shutdown and reset on Thursday night, which lasted about six hours.

Access to the school library’s online resources, including Omni and course reserves, were impacted by the outages. The school held a town hall to explain the situation to students and faculty with concerns about the incident.

On Friday, Reitsma said the reset was successful but noted that students and faculty will have to change their passwords before June 8. Those who miss the deadline will be locked out of their accounts and will need manual help from the school’s IT team.

The Royal Canadian Mounted Police told Canadian media outlet The Record that it discovered the attack on Tuesday and informed the Waterloo Regional Police as well as the university’s Special Constable Services.

No ransomware…

Source…

Ransomware Group Uses Communication System of University | Robinson+Cole Data Privacy + Security Insider

/in


Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes.

This week, Bluefield University communicated with its students to be careful of texts sent through the University’s communication system after a ransomware group used the communication system to message the campus about a ransomware attack in progress.

According to reports, the ransomware group used the University’s communication system to “send threatening messages out to all of Bluefield University’s students and employees.” The message stated “We’re the Avoslocker ransomware. We hacked the university network to exfiltrate 1.2 TB of files. We have admissions data from thousands of students. Your personal information is at risk to be leaked on the dark web blog. Do not allow the university to lie about the severity of the attack.”

The students received a one-day reprieve from exams because of the ransomware attack.

The FBI identifies AvosLocker as a ransomware-as-a-service group that targets critical infrastructure, including financial services, critical manufacturing and government facilities.

[View source.]

Source…