Ransomware hits TU Dublin and National College of Ireland
The National College of Ireland (NCI) and the Technological University of Dublin have announced that ransomware attacks hit their IT systems.
NCI is currently working on restoring IT services after being hit by a ransomware attack over the weekend that forced the college to take IT systems offline.
“NCI is currently experiencing a significant disruption to IT services that has impacted a number of college systems, including Moodle, the Library service and the current students’ MyDetails service,” the college announced on Saturday.
In a subsequent update following the April 3rd ransomware attack, faculty and staff were notified that IT staff and external service providers are working on restoring the services.
Access to NCI’s IT systems was suspended and the campus building is also currently closed to both students and staff until IT services are restored.
NCI has also alerted the relevant authorities of the incident, including the Data Protection Commissioner and Gardaí (the national police service of the Republic of Ireland.
“Please note that all classes, assessments and induction sessions planned from today Tuesday 6th until this Thursday 8th April inclusive have been postponed and will be rescheduled for a later date,” NCI added in a statement issued today.
“The college will issue a further update on Thursday afternoon in relation to classes and other events for Friday and beyond.”
Students with assignments due this week were told that “no late penalties will be applied while the outage remains in place.”
We apologise to all users for any inconvenience this may cause and reassure you we are working to restore services.
At present we do not have a clear time frame for the full resumption of IT services.
— NCIRL (@NCIRL) April 5, 2021
The Tallaght campus of the Technological University Dublin (TU Dublin) was hit by the ransomware attack on Thursday morning and has impacted both IT systems and campus back-ups.
“Disruption to some ICT systems on Tallaght campus but secure remote access to key services is available,” TU Dublin says in a notice on the university’s website. “ICT Helpdesk cannot respond to requests while issues are investigated. Updates will be sent via email.”
According to an email sent to students and obtained by DataBreaches, “this attack does not include any ICT systems or processes on the City and Blanchardstown campuses.”
Students were also told not to use any of the campus IT systems until Monday, April 12, and to avoid reaching out to IT staff who is currently working on restoring impacted IT systems.
“At this early stage in the investigation, there is no indication that any data, including personal data, has been ex-filtrated, downloaded, copied or edited because of this attack,” a TU Dublin spokesperson told BleepingComputer.
“The University continues to work as a matter of urgency to restore safe access for students and staff to all our onsite ICT systems as soon as possible.”
In related news, Brown University, a private Ivy League US research university, is still working on bringing systems online after it had to disable them following a cyberattack on Tuesday.
Last month, the Federal Bureau of Investigation (FBI) Cyber Division warned cybersecurity professionals of increased Pysa ransomware activity targeting education institutions in 12 US states and the United Kingdom.
At the moment, no information is available on the ransomware gangs behind the two attacks. An NCI spokesperson was not available for comment when contacted by BleepingComputer earlier today.
Update: Added TU Dublin statement.