A lethal cyberattack has targeted a university, knocking out its online learning facilities and dedicated IT systems.

A devastating and disruptive attack

The University of Hertfordshire has been hit by a malicious attack that rendered its multiple systems offline, including local networks, email service, Wi-Fi, data storage, VPN and tools for online learning communications such as Zoom, Teams and Office 365.

The UK university recently announced it had been struck by attackers via an online update posted on its website:

“Shortly before 22:00 on Wednesday 14 April, the University experienced a cyber-attack which has impacted all of our systems, including those in the Cloud such as Canvas, MS Teams and Zoom.”

It added that due to the cyberattack on Wednesday, all of its scheduled online classes would have to be cancelled for both Thursday and for Friday.

In line with UK government guidelines regarding social distancing to stop the spread of COVID-19, the university’s current restrictions on classes conducted in person has required the majority of the educational institution’s students to learn online. This has been made possible using innovative communication applications built for video conferencing, such as Zoom.

At present, the government is allowing a small portion of students to benefit from in-person tutelage providing they need specialist equipment inaccessible in a home study environment. However, it has ruled out a complete return to campus until May 17 at the earliest.

Surge in cyberattacks aimed at education sector

The University of Hertfordshire confirmed that the recent outage could potentially affect students who need to submit assignments, however it gave assurances that no students would be put at a disadvantage as a result. Providing computer access was not a prime requisite, students were permitted to visit the campus.

A notification from the university explained:

“You will not be able to access computer facilities in the LRCs, Labs or the University Wi-Fi. Remote access to specialist software and PCs is currently unavailable.”

At present, the exact type of attack faced by the University of Hertfordshire has not been revealed.

However, the Hatfield-based university is not the first educational facility to feel the negative effects of a cyberattack since the pandemic gained ground in March last year. The UK’s National Cyber Security Centre (NCSC) issued a warning to universities and colleges around the country in 2020 and again last month, acknowledging a spike in attacks aimed at educational institutions by threat operators.

The NCSC commented:

“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing.”

The University of Newcastle was forced offline in September that year and in 2021, this trend has continued. South City College in Birmingham faced a ransomware attack last month that impacted eight of its sites, and in February a cyberattack was aimed at an Oxford University lab.

Since they provide important ongoing educational services, universities make prime targets for cybercriminals hoping to cause chaos or demand ransoms using their disruptive tactics.