Madras University comes under Ransomware attack
Attackers after encrypting the data allegedly demanded Rs 18 lakh to decrypt it.
CHENNAI: The database of the University of Madras faced a serious threat in the form of Ransomware (a malicious software) attack on Monday following which the data was encrypted and the attacker demanded a ransom of Rs 18 lakh to restore access to the data.
But, the university escaped the attack as it had stored the back-up data on the non-network system. The technical team was able to recover the backup data and restored it in the new server within two hours of the attack, sources in the university said.
The Ransomware is being delivered through various ways including mail. When one of the staff members opened a mail with malware, it had encrypted all the data in the data server and denied access.
“It displayed a message saying that your data is encrypted. Further, the attacker demanded a ransom of '18 lakh to provide access again,” sources said.
Immediately, the technical team took over and analysed the log details. The first relief to the technical team was that the data was not exposed to outside.
The university has two servers - the front end server which is application server and data server. Normally, the data server is not exposed to the outside world and thereby limiting the chances of hacking it.
“There is no hacking. It is only malware. We identified the malware and immediately took up the precautionary measures and disconnected the server. We took the back up data and restored the server within two hours,” says Professor K.Sivaji, director, Network Operation and Edusat Programmes, University of Madras.
“Fortunately, the server was not hacked directly. There is no copying of data. The data is absolutely safe,” he further said.
He also said that the encrypted data does not include any critical data related to students, staff members and financial matters. “The data related to routine affairs only encrypted,” he said adding not a single data was lost in the ransomware attack.
The university plans to go for a security audit and will put some more security measures to avoid such incidents in future.
“There is one firewall available for the entire institution. Now we are going for a group-wise firewall. Based on the recommendation, we will go for level 2 and level 3 security measures,” the professor Sivaji added. Currently, the students are registering for semester exams.
“Due to the registration for semester exams, we had instructed our technical team to back up data on daily basis. So, we had no data loss and
recovered 100% data,” said P.Duraisamy, Vice-Chancellor, University of Madras.
“The online payment for the university is being handled by the Indian Bank and State Bank of India. We are using the payment gateway of nationalized banks to reduce the threat of cyber attacks,” the Vice-Chancellor said.
The cybersecurity experts said the upgradation of security will reduce the future threat. “If any outside threat is detected, the alert would be given and the server would automatically shut down,” they said.