Sunderland university
Source: Wikipedia, Credits: Komusar (CC BY-SA 4.0)

The University of Sunderland in the UK has announced extensive operational issues that have taken most of its IT systems down, attributing the problem to a cyber-attack. 

The first signs of disruption for the university’s IT systems appeared in Tuesday morning, but remain widely impactful and unresolved. 

The attack appears to have taken down all telephone lines, the official website, the main email servers, library WiFi, on-premise PC/laptop access, printing, and all online portals that students use for accessing eBooks, journals, and other services. 

Message on the main site
Message on the official website of the university
Source: sunderland.ac.uk

Unfortunately, there is no estimate on when the systems will be up and running again, as the attack appears to be still in the containment phase. 

Students who don’t have any urgent queries are advised to follow the university’s social media channels for updates on the situation, as the only operating inbox is overwhelmed. 

Also, an alternative domain has been set up on “uostoday.sunderland.ac.uk” to provide some updates to concerned students, but don’t expect any services to be offered through there. 

Impact on students

The University of Sunderland is a public research institute that has about 20,000 students, so the disruption from the cyber-attack affects a notable number of people. 

As expected, this incident has caught some students at a critical point in their studies, and some of them are dealing with pressing visa application or other deadlines. 

A spokesperson for the university has sent the following comment to BleepingComputer:

The University is now working with a number of agencies, including the police, to find out what exactly what has happened and the extent of the problems.

Students are being encouraged to come onto all University campuses where face-to-face teaching is continuing and information help-desks will be available to offer guidance and support.

For those studying further afield, plans have been made to ensure they can continue doing so, with minimum disruption.

We take the security of our systems extremely seriously and will work to resolve the situation as quickly as possible.

Likely a ransomware attack

Although the University of Sunderland hasn’t mentioned a ransomware attack, the extensive outage that has been caused makes this scenario likely. 

There has been a string of ransomware attacks on universities in the past year, with some notable examples from the region being the attacks against TU Dublin, and the Newcastle University

A national survey conducted in 2020 revealed that roughly 25% of all universities in the United Kingdom have suffered a ransomware attack at least one since 2013. 

Ransomware actors target large educational institutes because they believe they are good candidates for paying quickly and having their systems back up and running again. 

In most cases though, we see that these entities prefer to restore from backups and accept whatever data leaks may have taken place during the cyber-attack as an inevitable side-effect.