UK Research and Innovation (UKRI), a public body that manages research grants and supports innovative businesses in the UK, has disclosed a ransomware attack that has disrupted services and potentially led to data theft.
The cyberattack has impacted two of UKRI’s services: a portal used by the Brussels-based UK Research Office (UKRO), and an extranet known as the BBSRC, which is utilized by the nine research councils that make up UKRI.
According to the group, the attack has resulted in “data being encrypted by a third party,” implying that ransomware is at fault and that the hackers will likely demand a payment in return for a decryption key.
The UKRO portal is used to provide information to the group’s roughly 13,000 subscribers, while the extranet provides the infrastructure for peer review processing. If data has indeed been stolen, this may include grant applications, expense claims, and peer review information. For now, UKRI has suspended both services.
The attack has been reported to the UK’s National Crime Agency (NCA), the National Cyber Security Center (NCSC) and the Information Commissioner’s Office (ICO).
“At this stage, we cannot confirm whether any of that data was extracted from our systems whilst investigations continue,” the group says. “We are working to securely reinstate impacted services as well as conducting forensic analysis to ascertain if any data was taken, including the potential loss of personal, financial or other sensitive data. If we do identify individuals whose data has been taken we will contact them further as soon as possible.”
Source: ZD Net
Combatting Heightened Cybersecurity Risks to University-Based IP Due to Remote Work is a practical and timely distance learning program that addresses the growing cyber threats to your institution and its confidential research assets, led by a world expert on university cybersecurity from Baker Tilly. Click here for details.
No Comments so far ↓
There are no comments yet...Kick things off by filling out the form below.