Ransomware Attack by INC Ransom Hits University and College Union

Incident Date: Aug 25, 2024

Attack Overview

VICTIM

The University and College Union

INDUSTRY

Education

LOCATION

United Kingdom

ATTACKER

Inc Ransom

FIRST REPORTED

August 25, 2024

Request Removal

Ransomware Attack on The University and College Union by INC Ransom

About The University and College Union

Established on June 1, 2006, through the merger of the Association of University Teachers (AUT) and the National Association of Teachers in Further and Higher Education (NATFHE), UCU is the largest post-school union globally. The union advocates for the rights and interests of academics, lecturers, trainers, researchers, and support staff across further and higher education institutions in the UK. UCU's primary objectives include advocating for fair pay, job security, and improved working conditions for its members. The union also campaigns against the casualisation and privatization of academic work, promoting stable employment and public funding for education.

Attack Overview

INC Ransom has claimed responsibility for the attack on UCU via their dark web leak site. The attackers allege that they have gained access to sensitive data and have posted sample screenshots as evidence. This breach highlights the vulnerabilities within educational institutions, which often lack the necessary cybersecurity infrastructure to fend off sophisticated cyber threats.

About INC Ransom

INC Ransom is a highly sophisticated cybercriminal group known for its targeted ransomware attacks on various industries, including healthcare, education, government entities, and technology companies. The group employs advanced techniques such as spear-phishing campaigns and exploiting vulnerabilities like CVE-2023-3519 in Citrix NetScaler. INC Ransom's modus operandi involves double extortion, where they not only encrypt data but also steal it and threaten to release it publicly to increase pressure on victims to comply with ransom demands.

Penetration and Vulnerabilities

While the specific details of how INC Ransom penetrated UCU's systems are not publicly disclosed, it is likely that the group used a combination of spear-phishing and exploiting known vulnerabilities. Educational institutions like UCU are often targeted due to their extensive databases of sensitive information and sometimes inadequate cybersecurity measures. The attack on UCU serves as a stark reminder of the evolving and sophisticated nature of cyber threats, emphasizing the importance of strong cybersecurity defenses.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.