Manchester University is currently grappling with threatening emails sent to staff and students to coerce the institution into paying a ransom.
According to BBC, following the Manchester University data breach, the hackers are now resorting to “triple extortion”. The breach was announced on June 9, which involved unauthorized access to university systems.
A university spokesperson urged all staff and students to exercise caution when dealing with suspicious emails or phishing attempts and to report any such incidents to the IT department. Meanwhile, the university is working to determine the extent of the Manchester University data breach.
“We know this will cause concern to members of our community and we are very sorry for this. Our priority is to resolve this issue and provide information to those affected as soon as we are able to, and we are focusing all available resources”, said the University of Manchester in a statement, the report stated.
Explaining the Manchester University data breach
According to the report, the Manchester University data breach might not be related to MOVEit vulnerability.
The cyber incident at the University of Manchester, confirmed on June 9, was later confirmed by Patrick Hackett, who acknowledged that an unauthorized party had gained access to some systems and likely copied data.
The university is collaborating with internal and external experts to address the incident and ascertain the extent of the Manchester University data breach.
Furthermore, the university is actively engaging with relevant authorities to address the situation, including the Information Commissioner’s Office (ICO), the National Cyber Security Centre (NCSC), and the National Crime Agency.
In the meantime, students and staff have been advised to remain vigilant against potential phishing attacks.
Moreover, a recent Microsoft report revealed that the education sector has become a prime target for hackers. Incidents like Manchester University’s data breach are just the tip of the iceberg, as over 6.8 million cyber attacks have been reported, with around 63% at the beginning of 2022.
Manchester University data breach: Hackers targeting education sector
In addition to the Manchester University data breach, the educational sector has become a prime target for numerous malicious actors.
What sets Vice Society apart from many other ransomware groups, like LockBit, is their distinctive approach.
Rather than following the conventional ransomware-as-a-service (RaaS) model, Vice Society has adopted a different strategy by incorporating modified versions of existing ransomware strains into its attack chain.
These modified strains, such as HelloKitty (FiveHands) and Zeppelin, are readily available on DarkWeb marketplaces. Vice Society prefers utilizing these pre-existing ransomware families rather than developing custom payloads.
The gravity of the situation prompted the FBI, CISA, and the MS-ISAC to release a joint Cybersecurity Advisory (CSA) in September 2022. They highlighted the disproportionate targeting of the education sector by the Vice Society, specifically through ransomware attacks.
The CSA further warned that the frequency of these attacks might escalate in the 2022-23 school year because threat actor would get more opportunities for successful hacking attempts.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.