Cyber incident disrupts another UK university

Coincides with attacks at universities in Cambridge and Manchester

Cyber incident disrupts another UK university

The University of Wolverhampton has confirmed that it experienced a "cybersecurity incident" last week, disrupting IT systems.

IT issues began on Tuesday across all campuses, causing the university to tell thousands of staff and students to work remotely.

"Working with external IT security experts, we can now confirm that the university has experienced a cybersecurity incident," a University of Wolverhampton spokesperson told the BBC.

They added that the university staff responded quickly, implementing measures to contain and mitigate its impact.

Certain systems were taken offline as a result, disrupting teaching activities. However, the university has since implemented measures to enable remote lectures in the short-term, alongside on-campus teaching where feasible.

Internally, the incident has been classified as a "serious cyber incident" and is being managed as a "major" incident by the university, where an investigation is ongoing.

The University of Wolverhampton, which has campuses in Wolverhampton, Walsall and Telford, says it is remains committed to addressing the incident and ensuring the security of its systems and data.

Fallout

As well as disrupting teaching, some students faced challenges accessing online resources and campus facilities after the incident.

Rowan Ashby, a motorsports engineering student, said the disruption forced him to seek alternative arrangements, including returning home to ensure continuity in learning.

Despite the university's efforts to address the situation, uncertainties loom over the duration and extent of the disruption.

The incident coincides with similar cyberattacks targeting the University of Cambridge and the University of Manchester last week.

Cambridge University fell victim to a distributed denial-of-service (DDoS) attack on Monday, disrupting internet access and critical services. Students were notified via email, highlighting the impact on platforms such as Moodle and CamSIS, which manage student information and academic records.

Similarly, the University of Manchester found itself caught in a cybersecurity crisis, attributing the disruptions to a "serious incident" affecting both the university and its network provider. Despite the initial chaos, the university resolved the matter within hours.

Anonymous Sudan claimed responsibility for targeting both Cambridge and Manchester universities.

The group cited the UK's support for Israel as the reason for carrying out attacks.

Despite its name suggesting affiliation with Sudanese causes, security analysts have attributed Anonymous Sudan's activities to Russian origins, casting doubt on its proclaimed motivations.

The group, first seen in January 2023, is suspected of employing the Skynet botnet for its offensive manoeuvres. Over the past year, it has targeted numerous victims, Microsoft among them.

Security firm KnowBe4 warned in a recent advisory note that universities are increasingly falling prey to cybercriminals due to their possession of extensive personal data and frequently inadequate security measures.

"It's a terrifying thought that only about half of higher education institutions in the UK have a strategy for safeguarding against cyberattacks," said Javvad Malik, the firm's lead security awareness advocate.

Cyber threats are rising, and IT leaders need the latest information to stay ahead of the curve. Join us at the Cybersecurity Festival on 2nd May, where we bring together the most senior and influential voices from security leaders throughout the UK. Click here to secure your free place.