The University of Northampton suffered a cyber attack earlier in March, resulting in operational disruptions across its IT networks that lasted several days.
The University of Northampton released a statement recently, stating that on 17th March, it suffered a cyber attack which disrupted operations across its IT networks. The university is working with the law enforcement and experts to resolve the issue as quickly as possible.
“We can confirm that on March 17, the university detected a cyber attack, which resulted in an interruption of services to our IT and telephone systems and servers,” said a University spokesman.
“We are working with expert consultants to investigate and resolve this issue as quickly as possible, including legal counsel and IT forensics investigators, who are assessing the impact and advising on the appropriate remedial actions. The full facts of the situation have not yet been established and we will provide further information as soon as we can,” he added.
The spokesman also said that as a precautionary measure they have informed the Information Commissioner’s Office (ICO). “We have notified the Information Commissioner’s Office as a precaution and are liaising with the police as we investigate this attack further. A number of temporary work around solutions are being rolled out to support students and staff.”
A student who reported the issue to Northampton Chronicle and Echo mentioned that the cyber attack had a huge impact on the university's daily operations, including the functioning of its computer-based phone systems, and that the issue wasn’t completely resolved even after six days. “There have been some issues with emails. The Northampton Integrated Learning Environment (NILE) is down - this is an e-facility used by students across the university,” the student added.
A Northamptonshire Police spokeswoman confirmed that together with the National Cyber Security Centre, the force is working with the university to support them and investigate this cyber attack. “Enquiries are ongoing," she added.
“At the University of Northampton, we take the safety and security of our information as well as the continuity of our systems and services extremely seriously - and will continue to take every action to protect the organisation against cyber attacks. We would like to thank students and staff for their patience during this time,” the university's spokesman added.
There has been a major rise in the number of cyber attacks targeting universities in recent years. In September last year, Newcastle University admitted it suffered a ransomware attack that caused operational disruptions across its IT networks and systems. The cyber attack affected all university systems with the exception of those listed in the communications (Office365 – including email and Teams, Canvas, and Zoom).
The university added that because of the ransomware attack, access to study materials for on-campus and on-line induction and on-line teaching may not be available and the university is developing new materials to ensure students can access them by the time the new semester starts.
Commenting on the recent cyber attack targeting the University of Northampton, Richard Cassidy, Senior Director Security Strategy EMEA at Exabeam, told Teiss that “coming just weeks after the National Cyber Security Centre (NCSC) published an alert and guidance warning of an increase in targeted ransomware attacks in the UK education sector, this incident is unfortunate, but unsurprising.
“There can be little doubt that this attack was indeed targeted, with attackers taking specific steps to breach the University. However, while the NCSC does offer some basic defence practices and techniques for education institutions, its guidance falls short of addressing the fundamental challenge facing these organisations, which is more complex than ever given the proliferation of Internet of Things/ Operational Technology (IoT/OT) and the hyper growth of cloud-based services.
“Breaches are more often than not a culmination of user or device abnormalities, which far too few of these organisations are equipped to detect and triage. Connecting the dots across all the layers is key in understanding when abnormalities may occur, but we can’t continue to rely on the legacy approach of asking specific questions of significant data volumes. Doing so only raises more questions than answers, which detracts already overstretched resources from the core problem.
“Ultimately, we’ve got to embrace a new approach to aligning technology to our security outcomes. Automation is critical in helping organisations to deliver extended detection and response, converging and analysing critical data sets to baseline normal, so that abnormalities can be deduced early in the breach chain and mitigated before the worst-case scenario can occur,” he added.