University of Duisburg-Essen Suffers Ransomware Assault, According to Vice Society
The University of Duisburg-Essen (UDE) in Germany has been hit by a ransomware attack in November 2022, according to an announcement made over the weekend. The attack, which led to data being published on the dark web, was initially claimed by the ransomware group "Ransom Cartel."
The university's IT infrastructure was swiftly shut down and disconnected from the network following the discovery of the attack. UDE stated that the attackers' highly professional approach and criminal intent were evident in the attack.
In 2022, education was the most highly targeted vertical for publicly disclosed ransomware attacks, with Vice Society claiming the majority of those incidents, according to BlackFog CEO Darren Williams. Vice Society, believed to be behind the UDE attack, has previously conducted ransomware attacks on various institutions, including the Cincinnati State Technical and Community College, the Medical University of Innsbruck, and the Los Angeles Unified School District.
Over 50% of these ransomware attacks involving data exfiltration, and the number is expected to increase as data breaches are reported several months later, explained Williams. In the case of UDE, Vice Society claimed responsibility for the attack and published some stolen data on the dark web.
UDE made it clear that they did not comply with the attackers' ransom demands, a decision commended by Rapid7's SVP chief scientist, Raj Samani. Rapid7 recommends implementing technologies and security controls that protect data in addition to detecting potential intrusions or lateral movement, such as through the use of file encryption.
If the breach affects people or institutions, they will be informed as soon as possible by UDE. The published data is currently being evaluated by the university. The university's security measures are based on the Federal Office for Information Security (BSI) standards and the BSI IT baseline protection methodology.
This incident serves as a reminder for institutions worldwide to strengthen their cybersecurity measures to protect against such attacks. As ransomware attacks continue to increase, it is crucial for institutions to be proactive in their approach to cybersecurity.
