UK Research and Innovation (UKRI), the a non-departmental public body responsible for allocating research and innovation funding, has been hit by a ransomware attack.
In a statement published last week, the organisation said that an IT incident, which is being treated as a cyberattack, has “impacted a number of UKRI-related web assets”, leaving data encrypted by a third party.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
Two services impacted by the attack are a portal for the UK Research Office, and an extranet used by UKRI councils. Both services have been suspended during the investigation and UKRI is working to restore them as soon as possible. No other UKRI systems are thought to be impacted.
UKRI said it could not yet confirm whether any data had been extracted during the attack. It has reported the incident to the National Crime Agency, the National Cyber Security Centre and the Information Commissioner’s Office and is carrying out forensic analysis to determine whether any data was taken.
Jake Moore, cybersecurity specialist at ESET said that suspending services is often the best way to begin dealing with a ransomware attack:
“Theoretically, every time there is a ransomware attack, organisations should learn from other companies’ mistakes. Whether this is preparing to fail – having protection in place for when a successful attack occurs – or by learning how others dealt with the aftermath, there are multiple case studies to heed advice from.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalData“Suspending services may sound extreme, but organisations are often far better positioned to deal with the consequences of a cyber attack while offline, as they can fully inspect the damage and mitigate further upheaval. With greater risk if sensitive data is released, it is far safer to suspend services that have been compromised until thorough checks have been made and more robust protection is in place.”
Read More: Hackers publish thousands of Scottish Environment Protection Agency files online.
