College cyber-attack is still causing problems

A major cyber-attack on the University of the Highlands and Islands has still not been resolved -- two months after it was first reported.

Thursday, 6th May 2021, 12:00 am

Police investigations into the ransom demand -- which was rejected and subsequently triggered a series of network problems -- is continuing. The size of the demand is not being revealed but is thought to have been significant.

The online teaching programme remained largely unaffected. However, back-up systems such as administration and accounting were particularly hit. UHI said there had been no breach of data protection.

A spokesperson said their IT specialists are dealing with the situation and are having to undertake a “system rebuild”.

While the Gazette understands that UHI has continued to function in terms of its services to students, the malware attack has disrupted other key operations of the network. While the details are not known, it is expected that the final bill for repair will spiral into the thousands.

Students began a phased return to UHI colleges last week after a year in which they had to rely entirely on online teaching.

Due to the nature of the UHI set-up, with 13 different centres stretching from Perth to Argyll and Shetland to the Western Isles, there is a heavy reliance on online classes and video conferencing. Lews Castle College in Stornoway, one of the main UHI centres, has remote learning facilities in Benbecula, where they specialise in traditional music, and Barra.

A UHI spokesperson said: ““In March, the University of the Highlands and Islands partnership experienced a cyber incident, which caused some disruption to our systems and networks across our campuses. We contained the incident and thanks to our robust backup systems, we were able to minimise the impact of this incident, particularly to our students and their learning experience.

“Our IT team and data security colleagues are working together with external experts to investigate the full scope of the incident and are progressing well with the ongoing system rebuild. We take all matters of cyber security extremely seriously and, as this relates to matters of security, we cannot go into further detail.”

Cyber-attacks are becoming increasingly common and complex. Last Christmas Eve, SEPA was subjected to an attack which “significantly impacted our contact centre, internal systems and communications”. At the time police indicated the “likely” involvement of international organised crime groups. Four years ago the Scottish Parliament was similarly targeted.

In relation to the on-going UHI investigation, a police spokesperson said: “Enquiries are continuing.”

Just days before the UHI attack emerged, a national conference was held at which a new framework for protecting against cyber-attacks was launched.

The CyberScotland Partnership brings together 10 organisations and provides a one-stop web portal offering a range of information to help companies and public bodies. Scottish Government Minister for Innovation, Trade and Public Finance, Ivan McKee, said cyber risk has to be seen as a risk for all organisations across the public, private and third sectors.