The University of Cambridge, along with several other UK higher education institutions, has fallen victim to a distributed denial-of-service (DDoS) attack.
This cyber assault targeted the Janet Network, a crucial data-sharing platform that enables the academic community to exchange data online.
Stuart Rankin, Cambridge’s Head of User Services, communicated the incident to students via email, confirming that the disruption was indeed caused by a DDoS attack. Rankin described the attack as a flood of traffic originating from compromised computers, which severely hampered the university’s operations and rendered key IT platforms inaccessible.
The attack was publicly claimed by the DDoS threat group, Anonymous Sudan. The group stated its motive was to protest the UK’s unwavering support for Israel amidst the ongoing conflict in Gaza and the bombing campaigns in Yemen. Through a message on its Telegram channel, Anonymous Sudan announced responsibility for the cyberattacks on both the University of Cambridge and the University of Manchester, citing these reasons.
This cyber offensive against Cambridge University occurred amidst efforts to restore the university library’s electronic legal deposit systems. These systems, operated by the British Library, had previously suffered a cyberattack in October. The British Library’s encounter with the Rhysida ransomware group led to the public posting of stolen data after the library refused to meet the ransom demands.
Keiron Holyome, VP UKI & Emerging Markets, BlackBerry Cybersecurity said: “As reports of ransomware and other cyber intrusions become disturbingly more routine, universities and governments alike must recognise the need to prioritise cybersecurity as a matter of national, economic, business, and personal security.
“Universities are an easy target. IT support is often limited, budgets tight, and many use standard software provided to the education sector. If a vulnerability is found in that software, it won’t take long for the criminals to find it and exploit it.
“The threat environment for most universities has rapidly expanded over recent years to embrace remote learning, apps, mobile devices, and a host of other connected learning technologies. More connections with often-unsecured devices owned by students themselves dramatically expands the surface area for attack.
“Adding to this, AI is already – and will continue – reshaping the way that cybercriminals develop more specialised skills, develop more successful phishing attacks, and create more effective malware. As the maturity of generative technologies and the hackers’ experience of putting them to use progress, it will get more and more difficult for educational institutions to raise cybersecurity defences without deploying technology that uses AI in the fight against AI. Educators must therefore put the groundwork in now and take the necessary steps to properly secure their data if they are to maintain a bright future for the nation’s academic community.”
