One of the most prestigious universities in the UK has been struck by a ‘major ransomware attack’, which bypassed antivirus software. IT staff for UCL stated that the malware entered their network through a phishing email that was opened by several users across their campus. Once the ransomware ran, it encrypted files on local machines as well as network share drives, what UCL believes could be a zero-day attack.
The ransomware, which is still causing residual effects across UCL’s network, only attacked Windows users, with no report of Mac or Linux users being affected. As a result, UCL Information Services Division blocked access to network share drives to prevent further spread. User can view files in “Read-Only”.
“It is vital we all maintain a high level of vigilance when opening unexpected emails. If the email is unexpected or in any way suspicious then you must not open any attachment or follow any link in the email. Doing so may lead to loss of your data and very substantial disruption to the university.” said ISD staff.
The zero-day attack comes just one month after the WannaCry outbreak that affected hundreds of thousands of Windows PCs across the world.