Cactus Ransomware Hits London School of Science & Technology

Incident Date: Nov 01, 2024

Attack Overview

VICTIM

London School of Science & Technology

INDUSTRY

Education

LOCATION

United Kingdom

ATTACKER

Cactus

FIRST REPORTED

November 1, 2024

Request Removal

Cactus Ransomware Group Targets London School of Science & Technology

The London School of Science & Technology (LSST), a prominent private higher education institution, has fallen victim to a ransomware attack orchestrated by the notorious Cactus Ransomware Group. This breach highlights the increasing vulnerability of educational institutions to sophisticated cyber threats.

About the Victim: LSST

Established in 2003, LSST operates campuses in London, Luton, and Birmingham, offering a range of degree programs in Business Management, Computing and IT, and Health and Social Care. The institution is known for its inclusive educational approach, catering to a diverse student body, including mature and international students. With approximately 375 employees and a reported annual turnover of £58.8 million, LSST is a significant player in the educational sector. Its partnerships with universities like Buckinghamshire New University and the University of West London further enhance its reputation.

Attack Overview

The Cactus Ransomware Group claims to have exfiltrated 845 GB of sensitive data from LSST, including personally identifiable information, financial records, and internal correspondence. The group has provided proof of the breach on their dark web portal, underscoring the severity of the situation. This attack not only threatens the privacy of students and staff but also poses a significant risk to the institution's operations and reputation.

About the Cactus Ransomware Group

Identified in March 2023, the Cactus Ransomware Group has quickly gained notoriety for its sophisticated tactics, including exploiting vulnerabilities in VPN appliances and employing double extortion methods. The group encrypts data and threatens to leak it if the ransom is not paid, distinguishing itself with its rapid adaptation to new vulnerabilities. Cactus is known for its ability to evade detection through advanced encryption techniques, making it a formidable threat in the cyber landscape.

Potential Vulnerabilities

Educational institutions like LSST are particularly vulnerable to ransomware attacks due to the vast amounts of sensitive data they hold and the often limited cybersecurity resources available. The Cactus group likely penetrated LSST's systems by exploiting known vulnerabilities in VPN devices or through phishing attacks, a common entry point for such cyber threats.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.