UK university systems held hostage with ransomware by serial hackers

Next story

Throughout the UK, 23 universities were targeted and became victims of ransomware. Students and staff had their data encrypted and held ransom, with a demand for a hefty release fee.


Ransomware is a rather nasty piece of malware that encrypts your personal files, and then tries to extort you by selling you the password to unlock your original files. That said, out of the 23 universities’ targeted, only one of the attacked called the police. Mark James, ESET IT Security Specialist, tells us why they failed to report the issue, but does reporting ransomware to the police actually help?

“I think some companies consider reporting cases of ransomware a waste of time, nevertheless it is a criminal activity, and it should be reported to the police like any other crime.

“I appreciate with so many attacks it may seem worthless, but it’s important that the authorities have all the facts in order to assign budget and resources - if they don’t know or realise how big the problem actually is, they cannot forecast resources accordingly.

“None of the universities paid any of the ransom, however it shocks me beyond belief that two of the universities in question had no anti-virus at all. Although anti-virus is not a 100% barrier, it is the first line of defence.

“As a large company or organisation, adding security protects yourself and therefore reduces the IT technicians time and resources dealing with malware attacks, and takes some of the pressure away from the users.

“Of course there’s no substitute for common sense and being careful, but it’s like not wearing a seatbelt because you’re only going to be driving at 20mph - it’s not YOU that’s the problem!

“You have to layer your protection, and anti-virus is a very important part of protecting your users and their data. It’s a small outlay compared to the devastation that can be caused when malware gets hold: the mounting costs of downtime, PR and potential loss of data could be massive.

“Malware infections sadly go hand in hand with owning a computer, but preventing successful attacks can be fairly easy. All it involves is: using a good multi-layered, regularly updating internet security product, keeping your Operating System and applications up to date, and being mindful of the attack methods used in modern day attacks, usually email links or attachments.”

Do you worry about potential malware infections on your electronic device? Would you have known to report it?

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.