Another British University Attacked

Uploaded on 2023-08-03 in FREE TO VIEW

Data belonging to The University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang on the Dark Web after UWS refused to pay a ransom.

This comes just after UWS suffered a major cyber-attack affecting most of its systems. The attack was reported to police on 6 July.

The UWS said it was facing a "cyber incident" earlier in July and police have been investigating and a statement on the site displays a message warning it is “currently down” for maintenance and apologises for any inconvenience.

The university is working with the National Cyber Security Centre (NCSC), Police Scotland and the Scottish Government to resolve the issue.

It is understood that graduations will not be affected, meaning students across UWS’s five campuses can still enjoy their end-of-term celebrations.

The university has campuses in Paisley, Ayr, Dumfries and Blantyre and London.

Initially, no criminal group came forward to claim responsibility, but ransomware group known as Rhysida has claimed it was behind the incident and has seemingly tried to use the stolen data to extort the university.

And now the ransomware gang Rhysida is demanded 20 bitcoin (£450,000) for the confidential data and says it will be sold to the highest bidder.

This attack has affected staff laptops, shut off around half of the university's IT systems, and affected student submissions.

At the time, the university's website was down and an error message apologised for "inconvenience". Some areas of the site have since been restored.

The data advertised on the gang's Deep Web domain includes personal data belonging to staff such as bank details and national insurance numbers as well as internal university documents.

Here are some Key Data Points on the Education Threat Landscape:

SonicWall’s mid-year Threat Report found that between June 2022- June 2023 ransomware attacks on the education sector declined by 38% and it found that Q1 of 2023 had the smallest number of attacks since Q4 2019, but Q2 2023 ransomware has been steadily on the rise.

This is a clear indication that in the resurgence of ransomware education is a prime target.

Other findings include:

  • Cryptojacking Up 31939%
  • Malware attacks on education up 179%
  • Intrusion attempts down 59%

BBC:     The Scottish Sun:     STV:     Tech Monitor:     The National:     Glasgow Times:     Manchester Evening News:     Sonic Wall

 

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« British Surveillance Laws: Apple Might Withdraw Services
Norway’s Government Ministries Hit by Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

Centre for the Protection of National Infrastructure (CPNI)

Centre for the Protection of National Infrastructure (CPNI)

CPNI works with the National Cyber Security Centre (NCSC), Cabinet Office and lead Government departments and agencies to drive forward the UK's cyber security programme to counter cyber threats.

Nexcom International

Nexcom International

Nexcom operates six global businesses - IoT Automation, Intelligent Digital Security, Internet of Things, Intelligent Platform & Services, Mobile Computing Solutions, Network & Communications.

Iceberg

Iceberg

Iceberg has been established to provide companies with cyber security experts who will protect businesses from the unseen threat of cyber crime.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

ADL Process

ADL Process

ADL Process offer secure data destruction, certified product destruction and responsible electronics recycling services to businesses and institutions.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Cybergroot

Cybergroot

Cybergroot provides Cybersecurity Assessment services and professional Information Security trainings.

Creative ITC

Creative ITC

Creative ITC is a leading infrastructure and cloud enablement company. We design and deliver exceptional managed services and cloud solutions.

PreVeil

PreVeil

We started PreVeil to bring radically better security to ordinary business and personal communication and information storage.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

Oxylabs

Oxylabs

Oxylabs is the largest datacenter proxy pool in the market, with over 2 million proxies. Designed for high-traffic, fast web data gathering while ensuring superior performance.