Ransomware attack strikes University College London in wake of May’s WannaCry episode
One month after the WannaCry attack that affected around 250,000 networks across the world, ransomware is back in the headlines again due to an onslaught on University College London, one of the UK’s largest universities with over 10,000 employees and 40,000 students.
The attack affected University College London’s (UCL) internal shared drives and resulted in several NHS Trusts in the UK shutting down their own servers as a precaution.
UCL first reported the attack by way of its Information Services Division (ISD) stating: “UCL is currently experiencing a widespread ransomware attack via e-mail. Ransomware damages files on your computer and on shared drives where you save files. Please do not open any e-mail attachments until we advise otherwise. To reduce any damage to UCL systems we have stopped all access to N: and S: drives. Apologies for the obvious inconvenience that this will cause.”
To help reassure those at the university who rely on access to the shared drives, the ISD later added the message: “We take snapshot back-ups of all our shared drives and this should protect most data even if it has been encrypted by the malware. Once we’re confident that the infections have been contained, we will then restore the most recent back-up of the file.”
Having an effective back-up programme is one of the best ways in which to protect against the impact of a ransomware attack. If data is backed-up and the organisation experiences a ransomware attack then that ransomware can be isolated and cleaned from the network, with all data then restored from the back-up. It’s not necessarily an easy process, but it means that the organisation doesn’t lose all of its data and doesn’t pay a ransom.