By now it's a well-known fact that most of the students are relying on online learning and video-conferencing apps due to the ongoing global pandemic, the University of Hertfordshire in the UK has suffered a major cyber-attack that has eventually disrupted its online learning.
According to a ZDNet report, the cyber-attack has affected all of its IT systems, including Office 365, Teams and Zoom, local networks, Wi-Fi, email, data storage, and VPN. The university reported the hit by attackers on Wednesday, resulting in the cancellation of all online classes on Thursday and Friday.
“As a result, all online teaching will be canceled today (Thursday 15 April), and we understand that this may impact students being able to submit assignments. We want to reassure our students that no one will be disadvantaged as a consequence of this. Any in-person, on-campus teaching may still continue today, if computer access is not required, but students will have no on-site or remote access to computer facilities in the LRCs [learning resource centres], labs or the university Wi-Fi. We apologize for the inconvenience this situation has caused and will continue to keep you updated,” the university spokesperson stated.
However, the University of Hertfordshire had not formally disclosed the nature of the attack, or even whether it had been hit by ransomware. Unfortunately, there has been a sharp rise in ransomware attacks targeting academic institutions – both schools and universities in the last year, partly as a result of additional vulnerabilities brought about by the shift to online learning during COVID-19. Last year in the UK, Newcastle and Northumbria Universities experienced ransomware incidents, causing significant disruption.
Jérôme Robert, director at Alsid, said universities are starting to become aware that they are prime targets. “The sheer size of the student and faculty at a university – in Hertfordshire’s case nearly 28,000 people – makes it incredibly difficult to secure and manage the IT estate,” he added.
“Think of the huge volume of new joiners and leavers each year at universities. IT teams somehow have to manage that process of creating, deleting, and managing all those accounts. It’s a never-ending operation to keep all of that neat and tidy, and any oversights, such as old accounts not being closed down, present risk. On top of this, higher education is currently at heightened risk because of the increase of network activity and general complexity of enabling hybrid learning,” he further told.