Reports have it that the University College of London has been hit with a major malware attack that has encrypted its students' files. The school has issued a warning that the attack, which affected only its Windows devices, was probably spread through a phishing email. It went on to say that the malware may have involved a zero-day threat, given the way it managed to bypass the university's existing protocols.
The notification warns students to stay highly alert when viewing random emails, because opening such emails could lead to the loss of information and to damage to the university. It was reported that the first attack came via a phishing email, although this had yet to be confirmed at the time of filing this report.
It does appear, however, that the phishing email was opened by some people at about noon. The virus payload then installed files on the local drives. The antivirus did not detect or flag any unauthorized activity, fueling the belief that it could be a zero-day attack.
Following the attack, UCL has barred access to local drives and shared network devices. It also took its desktop@UCL and desktop anywhere services offline, although it says that they are now up and running again, even though they may be quite slow.
UCL issued a statement saying that snapshot backups of all the shared drives have been taken over time, which should help protect much of the data even if it has been compromised by the virus. Once confidence has increased that the infection is contained, the most recent backup files will be restored. It should be noted that backups are taken hourly. UCL added that further updates would be posted as soon as possible.
Commenting on the attack, threat expert and security advocate Fischer Thomas said that universities have become cheap prey for malware attacks. This is not far-fetched, as their complex user environment and open culture make them an easy catch. There is also a large collection of vulnerable devices in the hands of students, who are usually unaware of what a web-based threat or phishing email looks like.
This, coupled with an unwillingness to put money into cyber security tools and information technology departments that are usually overworked and underfunded, creates a breeding ground for potential malware attacks.