Prolonged IT services disruption at Newcastle University due to ransomware attack
by Raymund Taylun, Senior Security Advisor
09 September 2020
Newcastle University struggled in recovering their IT services due to ransomware attack.
The cyber attack affected IT networks and systems except Office365 and other cloud services for communications i.e. Teams, Canvas and Zoom.
The university warned the public that they will take “several weeks” to bring the IT services back up:
According to the news, Newcastle University was able to notify both Information Commissioner’s Office (ICO) and Office for Students within 72 hours after cyber attack was identified.
Meanwhile, DoppelPaymer ransomware already made a public claim that they are the one responsible behind the attack and leaked 750Kb of stolen data on their leak site – “Dopple Leaks.”
This is another case of ransomware attack that we can relate to what Blackbaud experienced back in May 2020.
Cyber criminals, especially the creators of ransomware, will always be around the public network ecosystem, attacking their vulnerable prey one-by-one and ensuring their efforts pay off by using stolen, encrypted data for extortion or selling victims’ data on the dark web.
If organisations remain complacent and keep cyber security out of their top priorities, this makes it easier for cyber criminals to penetrate the attack surface and steal confidential data, which can lead to financial or reputation loss.
To begin addressing these risks, businesses, both small and large, need to conduct a regular cyber risks assessment to identify what data, applications, and users are business critical. By doing a cyber risk assessment, organisations can gain a better understanding of how their budget should be allocated in order to (a) keep their cyber risk at a low level to prevent cyber attacks and (b) quickly recover in the event of system failure or data breach.