Ransomware attackers going after educational institutions is not new. Recently, the FBI’s Cyber Division issued an alert warning about an uptick in cyberattacks against higher education institutions and K-12 schools, delivering the PYSA ransomware. However, the ransomware epidemic now seems to have crossed the continents and rocked one of Europe’s most sought-after educational hub – Ireland. Two of Ireland’s top colleges – the National College of Ireland (NCI) and the Technological University Dublin (TU Dublin) – have reportedly been hit by ransomware attacks.
Attack on National College of Ireland
The National College of Ireland first announced the disruption of its IT services on April 3, 2021. As per the “Outage” update, NCI informed its students and faculty that the disruption had affected multiple college systems including Moodle, their Library service, and the MyDetails service which is provided specifically for the current academic year’s college students. The NCI, though, displayed a proactive and transparent approach by further adding,
Our IT teams and external service providers are currently working to rectify these issues. However, at present, we do not have a timeframe for IT services to resume.
Additionally, the authorities promised to keep everyone in the loop by giving timely and regular updates, and they did! On April 6, 2021, the NCI released an update confirming that it was indeed a ransomware attack that “resulted in the college suspending access to all NCI IT systems.”
IT Systems Outage Update: NCI’s IT systems were the victim of a ransomware attack on Saturday, 3rd April. NCI is following all protocols regarding notifications to the Data Protection Commissioner, Gardaí & other relevant authorities.
Further information: https://t.co/0oQfpbf420 pic.twitter.com/ORvuxXdwAi
— NCIRL (@NCIRL) April 5, 2021
TU Dublin’s Tallaght Campus Also Falls Prey
The Tallaght campus of TU Dublin was the other major educational institution that reported a cyber incident during the same timeframe. The university website read that “some” ICT systems have been disrupted and the investigation is ongoing.
Like the NCI, TU Dublin also assured regular updates about its ongoing investigation but via email. In the update email, which was sent to the students and further obtained by DataBreaches.net, the authorities confirmed that the TU Dublin’s Tallaght campus had been “subjected to a significant ransomware attack,” on April 1, 2021, which affected its entire on-site ICT systems.
While investigating the aftermath of the ransomware attack, the authorities observed that access to the main ICT systems and on-campus backups was cut out. However, it was encouraging to know that TU Dublin’s cloud services of the main ICT systems remained operational and available including Moodle, email, and MS TEAMS.
Both, the NCI and TU Dublin, have informed the relevant statutory authorities, including the Office of the Data Protection Commissioner and An Garda Síochána (the national police service of the Republic of Ireland), as per Irish regulatory protocols. Additionally, as a precautionary measure, the college authorities have requested its students and faculty to avoid using any ICT systems as the damages and number of devices infected are still being investigated.
Watch Out Ireland!
As per PWC’s “Irish Economic Crime Survey 2020,” Ireland is now Europe’s largest data hosting cluster. However, it was found that 51% of firms in Ireland have experienced an economic crime and another 69% experienced cybercrime in the last 24 months, which is more than twice what companies experienced worldwide (34%). These alarming numbers demand an elevated level of focus on the need for putting data protection systems in place.
PYSA Ransomware Targets Education Institutions: FBI
Maastricht University Ransomware Attack: All Systems Blacked-Out