Last week Toronto’s York University fell victim to what appears to be a ransomware attack, according to cybersecurity expert David Masson, and it shouldn’t come as a surprise.
Masson, director of enterprise security at cybersecurity firm Darktrace, says there have been multiple advisories recently warning healthcare providers, municipalities and academic institutions of ongoing cyberattacks against organizations involved in the coronavirus response.
“Just this morning, there was a combined statement put out by the United States and the United Kingdom, actually warming various organizations about attacks from nation-states that are looking to steal information about COVID-19 for their national interests,” Masson said, referring to Tuesday’s warning from the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). “And one of the areas that they warned would experience more attacks was in academia.”
Just last month, York University announced a $250,000 COVID-19 research fund.Submissions were accepted and the successful ones were announced April 30.
“This is the last thing a university needs right now,” added Masson, pointing to the speed at which the more than 6,100 computers and devices were affected by the attack as the reason why it could be ransomware. “This was a big attack that moved very quickly and it kind of looks like a ransomware attack. It makes you wonder whether the rest of academia and the Canadian government are paying attention to this and making sure it doesn’t happen to them.”
York says the cyber attack May 1 corrupted a number of its servers and workstations, but no sensitive information was stolen, the university’s chief information officer Donald Ipperciel indicated on Twitter Monday. More than 15 different systems were impacted, including Office 365, VPNs for HR and finance departments, Zoom, on-student access to the internet. These systems as of May 4 have restored functionality, Ipperciel wrote in a blog post on York’s website, but the school continues to urge its students to change their current Passport York passwords.
“The cyber investigation is still ongoing and teams are working on a 24 hr cycle since Friday. So far, no indication that confidential information was compromised. However, we still have to wait for the final assessment,” Ipperciel Tweeted. “To make things worse, the service desk ticketing system and IT phone systems are inaccessible because of the cyber-confinement of our systems This will seriously impede our ability to respond to the community.”
Attacks on education institutions is a trend, not a blip…
EU confirms PIPEDA’s adequacy status under the GDPR
In a Report issued two weeks ago,[1] the European Commission advised that i…