Cyberattack halts “poor value” remote learning for Sunderland students

By Robert Scammell

A suspected cyberattack against the University of Sunderland in the UK has left staff and students unable to access emails, remote learning systems and telephone lines.

The university made the IT disruption public on Tuesday morning but as of Thursday its systems remain significantly affected.

The police have been contacted, the University of Sunderland said, while it works to get its computer systems back online. Its website is currently inaccessible and displays a notice that it is undergoing “essential maintenance”.

A University of Sunderland spokesperson said in a statement: “The University continues to experience extensive IT disruption issues believed to have been caused by a cyberattack. The University is now working with a number of agencies, including the police, to find out what exactly has happened and the extent of the problems.”

It added that the disruption had “all the hallmarks of a cyberattack” but did not share further details.

The university has been forced to cancel online classes but said in-person lectures are still going ahead – a reversal of the position universities were in at the height of the pandemic.

Students at Sunderland and universities across the UK had previously said that paying £9,000 per year in tuition fees for largely online classes was a “waste” of money.

Some universities, including Manchester, have moved to keep lectures permanently online without any reduction in tuition fees, sparking a fierce backlash among students.

Last month the Organisation for Economic Co-operation and Development (OECD) said that remaining online-only would mark a failure by universities to offer value for money to students and risk them being overtaken by more competitive digital providers.

While the University of Sunderland didn’t specify details about the suspected cyberattack, cybersecurity experts said it was likely to be a ransomware attack.

Ransomware attacks against the education sector have been on the rise, with the UK’s National Cyber Security Centre (NCSC) publishing an alert in June warning of the heightened threat.

Ransomware is a type of malware that locks the victim out of their files and network, demanding a payment – usually in cryptocurrency – to decrypt their files.

The NCSC’s alert followed cyberattacks against Newcastle University and Northumbria University, with the latter leading to cancelled exams. Other universities hit by ransomware attacks in the past two years include Central Lancashire, Hertfordshire, Northampton, Portsmouth, Queen’s University Belfast and the University of the Highlands and Islands.

The University of Sunderland said on Thursday it is delaying the opening of applications for graduations due to the IT disruption while teachers took to social media to stress that they weren’t ignoring students’ emails.

“Universities are a popular target with attackers, and this is purely down to the sheer amount of data that they hold on their systems and the number of possible breach points,” said Laurence Pitt, global security strategy director at Juniper Networks. “From vast numbers of student and staff records to research information and projects, the nature of educational institutions means access to data is kept as open as possible – but with this comes serious cyber risks.”

Danny Lopez, CEO at Glasswall Solutions, said: “Educational institutions should adopt a ‘defence-in-depth’ approach to cybersecurity, as advised by the NCSC. This means using multiple layers of defence with several mitigations, which creates more opportunities to detect malware and prevent it from doing widespread harm to the institution.”