Another British University Attacked

Data belonging to The University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang on the Dark Web after UWS refused to pay a ransom.

This comes just after UWS suffered a major cyber-attack affecting most of its systems. The attack was reported to police on 6 July.

The UWS said it was facing a "cyber incident" earlier in July and police have been investigating and a statement on the site displays a message warning it is “currently down” for maintenance and apologises for any inconvenience.

The university is working with the National Cyber Security Centre (NCSC), Police Scotland and the Scottish Government to resolve the issue.

It is understood that graduations will not be affected, meaning students across UWS’s five campuses can still enjoy their end-of-term celebrations.

The university has campuses in Paisley, Ayr, Dumfries and Blantyre and London.

Initially, no criminal group came forward to claim responsibility, but ransomware group known as Rhysida has claimed it was behind the incident and has seemingly tried to use the stolen data to extort the university.

And now the ransomware gang Rhysida is demanded 20 bitcoin (£450,000) for the confidential data and says it will be sold to the highest bidder.

This attack has affected staff laptops, shut off around half of the university's IT systems, and affected student submissions.

At the time, the university's website was down and an error message apologised for "inconvenience". Some areas of the site have since been restored.

The data advertised on the gang's Deep Web domain includes personal data belonging to staff such as bank details and national insurance numbers as well as internal university documents.

Here are some Key Data Points on the Education Threat Landscape:

SonicWall’s mid-year Threat Report found that between June 2022- June 2023 ransomware attacks on the education sector declined by 38% and it found that Q1 of 2023 had the smallest number of attacks since Q4 2019, but Q2 2023 ransomware has been steadily on the rise.

This is a clear indication that in the resurgence of ransomware education is a prime target.

Other findings include:

  • Cryptojacking Up 31939%
  • Malware attacks on education up 179%
  • Intrusion attempts down 59%

BBC:     The Scottish Sun:     STV:     Tech Monitor:     The National:     Glasgow Times:     Manchester Evening News:     Sonic Wall

 

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« British Surveillance Laws: Apple Might Withdraw Services
Norway’s Government Ministries Hit by Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

InfoSec World

InfoSec World

InfoSec World conference and expo covers all aspects of information security with a broad agenda of sessions on key security issues.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

Cognyte

Cognyte

Cognyte are a market leader in security analytics software that empowers governments and enterprises with Actionable Intelligence for a safer world.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

RubinBrown

RubinBrown

RubinBrown LLP is a leading accounting and professional consulting firm. The RubinBrown name and reputation are synonymous with experience, integrity and value.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

CloudCoCo

CloudCoCo

CloudCoCo help UK businesses of all sizes and industries succeed by providing enterprise-grade technology at small-business prices.