The malware made its way onto the university's network on 14 June through a phishing email and started to spread, infecting user accounts and shared drives. The university's systems were not alerted to any viruses or suspicious activity, suggesting that this could be a zero-day attack.
The information security team disabled a number of drives to try and stem the spread of the malware and, the department declared, “UCL's information Security team is actively working with the affected users to identify the source of the infection and to quarantine their machines and file-stores.”
The affected drives have since been made read-only and some system storage has been taken offline.
As of 8am, the department said, “UCL continues to be subject to a cyber-attack although we have taken action to stop the spread of the malware.”
The University has warned users not to open any attachments or links within suspicious emails and to report them.
University College London Hospitals have also closed their email servers in a bid to protect themselves from a ransomware infection. So have Barts Health NHS Trust and East and North Herts NHS trust. A large ransomware campaign last month infected dozens of NHS trusts and paralysed services.
Universities “have the worst of both worlds, Vince Warrington, founder of Protective Intelligence Ltd, told SC Media UK, "they're not like normal businesses where you have a lot of control over what people access."
Firstly, university's are often treasure troves of valuable information and private research. Faculty will often have particular computing demands, or run pieces of software that only run on particular operating systems. On top of that, added Warrington you've got a whole student body who will expect an internet surfing experience that is identical to their ones at home: "its very difficult to bolt it down - I'd be amazed to find a UK university which could completely filter out pornography."
Its an unenviable position: “you've got research which people would be interested in getting hold of and your a multi million pound business as well and you're also having to provide thousands of students with free internet access and allow them to do whatever they want."