The University of Cambridge is consistently ranked among the top universities in the world, with its medical school and extensive research facilities to the very best. But over the past month, staff at the prestigious medical school have been hampered by “malicious activity” on the computer network.
An emailed “staff message” seen by WIRED, believed to have been sent in late February, alerted staff to the disruption and said the university was working to get systems back online as quickly as possible. However, weeks later, the incident is still ongoing and little information has been made public about the nature of the incident.
“IT services provided by the Clinical School Computing Service (CSCS) have been disrupted by malicious activity,” says the email reviewed by WIRED. “We appreciate that some staff and students are experiencing significant disruptions to their work and studies, and we are grateful for their patience and understanding.”
The university confirmed to WIRED that its systems were affected; that some services have been voluntarily taken offline; and although the incident has been ‘under control’, the disruption is still ongoing and the investigation is likely to take some time. No data has been collected, it says. The UK’s national cyber security agency and the country’s data regulator are both also investigating the events
The email sent to staff last month said a “Critical Incident Management Team” had been established to handle the response. At the time the message was sent, the email said, there was no access to the local IT network and Wi-Fi, and wired Internet access was disabled in the affected buildings, while Wi-Fi was previously enabled. the same day.
The CSCS provides IT support to staff and researchers at the university’s School of Clinical Medicine. A archived version of his website says there are more than 5,800 devices on the network, and the team provides computers and servers to staff. The email from WIRED states that the CSCS also serves the Department of Zoology, Sainsbury Laboratory, which conducts research into plant life; the Stem Cell Institute; and the School of Biological Sciences’ Milner Institute, which conducts research into emerging therapies. They are all affected.
A spokesperson for the University of Cambridge confirmed the incident to WIRED, saying “malicious activity” was found on the Clinical School Computing Service last month. “We took immediate action to contain the incident, including voluntarily taking a number of systems offline,” the spokesperson said in a statement. “As a result, there is ongoing disruption to some services.”
It is not clear what the ‘malicious activity’ entails and whether the activity is an attack by criminal hackers or an incident of another nature. Several university department staff members did not respond to questions from WIRED about whether their work or research was disrupted or directed questions to the press office because they are not authorized to speak about the incident.
The university spokesperson did not describe the nature of the problem; However, they said a business continuity plan has been implemented to minimize disruption, and all other university and college IT systems are operating normally and are unaffected. “This will probably take some time,” the spokesperson said of the ongoing investigation. “Investigations found no evidence that data was collected or transferred without consent. We have also received assurances from third parties that the incident is under control.” They say the situation has evolved since the email seen by WIRED was sent, and it is not possible to characterize the level of disruption across all departments.