Another British University Attacked

Uploaded on 2023-08-03 in FREE TO VIEW

Data belonging to The University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang on the Dark Web after UWS refused to pay a ransom.

This comes just after UWS suffered a major cyber-attack affecting most of its systems. The attack was reported to police on 6 July.

The UWS said it was facing a "cyber incident" earlier in July and police have been investigating and a statement on the site displays a message warning it is “currently down” for maintenance and apologises for any inconvenience.

The university is working with the National Cyber Security Centre (NCSC), Police Scotland and the Scottish Government to resolve the issue.

It is understood that graduations will not be affected, meaning students across UWS’s five campuses can still enjoy their end-of-term celebrations.

The university has campuses in Paisley, Ayr, Dumfries and Blantyre and London.

Initially, no criminal group came forward to claim responsibility, but ransomware group known as Rhysida has claimed it was behind the incident and has seemingly tried to use the stolen data to extort the university.

And now the ransomware gang Rhysida is demanded 20 bitcoin (£450,000) for the confidential data and says it will be sold to the highest bidder.

This attack has affected staff laptops, shut off around half of the university's IT systems, and affected student submissions.

At the time, the university's website was down and an error message apologised for "inconvenience". Some areas of the site have since been restored.

The data advertised on the gang's Deep Web domain includes personal data belonging to staff such as bank details and national insurance numbers as well as internal university documents.

Here are some Key Data Points on the Education Threat Landscape:

SonicWall’s mid-year Threat Report found that between June 2022- June 2023 ransomware attacks on the education sector declined by 38% and it found that Q1 of 2023 had the smallest number of attacks since Q4 2019, but Q2 2023 ransomware has been steadily on the rise.

This is a clear indication that in the resurgence of ransomware education is a prime target.

Other findings include:

  • Cryptojacking Up 31939%
  • Malware attacks on education up 179%
  • Intrusion attempts down 59%

BBC:     The Scottish Sun:     STV:     Tech Monitor:     The National:     Glasgow Times:     Manchester Evening News:     Sonic Wall

 

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« British Surveillance Laws: Apple Might Withdraw Services
Norway’s Government Ministries Hit by Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

PubNub

PubNub

PubNub enables developers to build secure realtime Mobile, Web, and IoT Apps.

Device Authority

Device Authority

Device Authority specialises in security automation for the Internet of Things (IoT).

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

NWN Corp

NWN Corp

NWN Corporation is a leading Cloud Communications Service Provider (CCSP) focused on transforming the customer and workspace experience for commercial, enterprise and public sector organizations.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

FastNetMon

FastNetMon

FastNetMon is a very high performance DDoS detection and mitigation tool which could detect malicious traffic in your network and immediately block it.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

Thoropass

Thoropass

Thoropass (formerly Laika) helps you get and stay compliant with smart software and expert services.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

Clango

Clango

Clango employs an identity-centric approach to optimizing your cybersecurity investment while minimizing risk.

ioSENTRIX

ioSENTRIX

ioSENTRIX offers tailored, risk-focused assessments that reduce true business risk.