Munster Technological University ransomware attack

Last updated
Munster Technological University ransomware attack
Date7 February 2023 (2023-02-07)
Venue Munster Technological University
LocationIreland
Type Cyberattack, data breach, ransomware
Target Munster Technological University
Outcome
  • Closing of MTU's Cork campuses for one week
  • Stolen data published on the dark web
Suspects Blackcat

In early February 2023, Munster Technological University suffered a ransomware cyberattack which caused the temporary cancellation of all full and part-time classes affecting the Bishopstown campus, as well as Crawford College of Art and Design, Cork School of Music and National Maritime College of Ireland in Ringaskiddy. [1]

Contents

Background

On 7 February 2023, Munster Technological University (MTU) announced that it was investigating a significant breach of the information technology and telephone systems that had occurred over the previous weekend. Systems such as email, HR, payroll and finance were not affected. [2] In a later announcement the same day, MTU stated that its Cork campuses would remain closed to protect staff and student data, but that MTU's Kerry campuses were not affected. [3]

On 9 February 2023, the university confirmed that it was a ransomware attack. [4] The National Cyber Security Centre stated that some of their staff were working onsite at the university to assist with forensic examination of systems and recovery. HEAnet also reportedly provided some advice and support. [5]

Impact

The ransomware attack caused all of MTU's campuses in Cork to close for approximately one week. [6] [7]

On 11 February, the university told the High Court that it was being blackmailed by Blackcat, a Russian cybercrime group. [8] [9] The university had received a ransom note threatening to sell and or publish data if the ransom was not paid by a certain deadline. The amount was described as "significant money" but not disclosed in open court. [10]

On 12 February, it was confirmed that data from its systems had been made available on the "dark web". [11] [12]

MTU reportedly reopened and operated all classes "in line with existing schedules" from 13 February 2023. [13]

Response

As of 9 February 2023, the university was reportedly working with the Gardaí, the National Cyber Security Centre and the Data Protection Commissioner. [14]

The Minister of State for Public Procurement and eGovernment, Ossian Smyth, said that the attack was similar to the 2021 cyberattack on the HSE in that it included threats to delete data and to publish data that had been copied. [15]

References

  1. O'Donovan, Brian (7 February 2023). "MTU campuses to close following 'significant' IT breach". RTÉ News . Retrieved 9 February 2023.
  2. O'Donovan, Brian (7 February 2023). "MTU in 'close contact' with authorities over IT breach". RTÉ News . Retrieved 9 February 2023.
  3. McGowran, Leigh (7 February 2023). "MTU closes Cork campuses due to 'significant' IT breach". Silicon Republic . Retrieved 12 February 2023.
  4. McGowran, Leigh (9 February 2023). "MTU confirms Cork IT breach was caused by ransomware attack". Silicon Republic . Retrieved 12 February 2023.
  5. Moore, Jane; O'Connor, Niall (9 February 2023). "MTU Cork confirms hackers have encrypted university data and demanded a ransom". TheJournal.ie . Retrieved 9 February 2023.
  6. Kelleher, Eoin (10 February 2023). "MTU to resume business next Monday after crippling cyber attack". EchoLive.ie . Retrieved 12 February 2023.
  7. Clarke, Vivienne (9 February 2023). "MTU to close Cork campuses until next week following cyberattack". BreakingNews.ie. Retrieved 12 February 2023.
  8. "MTU being blackmailed and held to ransom, court hears". RTÉ News. 11 February 2023. Retrieved 12 February 2023.
  9. Ó Faoláin, Aodhán (11 February 2023). "Hackers threaten to publish 'confidential' MTU data unless ransom is paid, High Court told". The Irish Times . Retrieved 12 February 2023.
  10. O Faolain, Aodhan (11 February 2023). "Russian hacker group BLACKCAT demanded 'significant money' from MTU". TheJournal.ie . Retrieved 12 February 2023.
  11. Kane, Conor (12 February 2023). "Stolen data made available on dark web, says Munster Technological University". RTÉ News . Retrieved 12 February 2023.
  12. Griffin, Niamh (12 February 2023). "Data accessed in MTU cyberattack shared on 'dark web'". Irish Examiner . Retrieved 12 February 2023.
  13. "MTU reopens after IT breach". RTÉ.ie . 13 February 2023.
  14. Costa, Imasha (9 February 2023). "MTU Cork confirms major IT breach caused by ransomware attack". Cork Beo . Retrieved 12 February 2023.
  15. English, Eoin (10 February 2023). "Teaching to resume on MTU's Cork campuses following ransomware attack". Irish Examiner . Retrieved 12 February 2023.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.