Ransomware attack takes out UK Research and Innovation's Brussels networking office • The Register
'Sensitive' personal data not accessed – so what about names and contact deets?
Gareth Corfield Mon 1 Feb 2021 // 16:24 UTC
UK Research and Innovation, the British government's science and research organisation, has temporarily turned off a couple of its web-facing services after an apparent ransomware attack.
In a statement issued last week while everyone was gazing goggle-eyed at the European Union's vaccine export struggles, UKRI said data from its Brussels-based UK Research Office (UKRO) and an extranet service had been "encrypted by a third party".
"We have reported the incident to the National Crime Agency, the National Cyber Security Centre and Information Commissioner's Office," said UKRI, which apologised to all affected and added that analysis of the attack was ongoing.
UKRO's subscription service, used by academics interested in news about upcoming EU-funded research projects and funding opportunities, has about 13,000 subscribers, according to UKRI. The body added that this "does not contain sensitive personal data."
Sensitive personal data has the same legal meaning in Britain as it does in the EU. According to the EU Commission, it means "personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs", as well as data about one's membership of a trade union, health data, genetics, biometrics, sexual orientation and so on.
In contrast, common-or-garden personal data – as might be collected by a government-sponsored networking organisation – includes such things as your name, phone number, email address, employer, and contact address.
At the time of writing, all pages of the UK Research Office's website were redirecting to UKRI's statement about the cyber attack.
Although UKRI did not use the term ransomware, a cyber attack that results in data being encrypted is likely to be an attempt to extort a ransom from the organisation whose data has been scrambled.
Jake Moore, a cybersecurity specialist at Slovakian infosec biz ESET, agreed, saying in a statement: "Theoretically, every time there is a ransomware attack, organisations should learn from other companies' mistakes. Whether this is preparing to fail – having protection in place for when a successful attack occurs – or by learning how others dealt with the aftermath, there are multiple case studies to heed advice from."
He continued: "Suspending services may sound extreme, but organisations are often far better positioned to deal with the consequences of a cyber attack while offline, as they can fully inspect the damage and mitigate further upheaval."
UKRI's work touches on the tech industry: a couple of years ago it was the lead body on the government's Digital Security by Design project, which featured Arm, among other companies. The organisation also awards contracts on behalf of UK.gov, as seen in October 2019 when Cray landed a £48m deal for a 28-petaFLOPS supercomputer.