MTU confirms Cork IT breach was caused by ransomware attack

9 Feb 2023

MTU Cork School of Music. Image: MTU

MTU said it is working with national security experts to restore its encrypted systems, while classes remain cancelled at its Cork campuses.

Munster Technological University (MTU) has confirmed the cause of its recent IT breach was an attempted ransomware attack.

The university was forced to close its Cork campuses earlier this week due to a “significant” breach and telephone outage. This closure was to last two days but has been extended to 13 February.

In an update, MTU said a cyberattack encrypted certain systems “for the purpose of demanding a ransom”. The university’s IT team detected the attack last weekend and took “immediate steps” to intercept and manage it.

The cyberattack targeted MTU’s Cork campuses, with its locations in Kerry remaining unaffected.

MTU said that following the incident it has been in “close and ongoing contact” with the National Cyber Security Centre, the Data Protection Commission and An Garda Síochána.

The university said it has engaged “highly specialised services” and is working with national experts to investigate the extent of the attack and the safest recovery process.

“The nature and extent of this incident, including what data may have been breached, remains under investigation,” MTU said in an update post. “Students and staff do not need to take any action at this time and MTU will notify any affected individuals in line with our data protection obligations.”

It is unclear how long the Cork campuses will remain impacted by the cyberattack. In an earlier update, MTU said outdoor facilities at the Cork campuses will reopen today (9 February) for certain activities such as sports training.

The university said it is planning a “phased and managed return to teaching and learning” from Monday 13 February. This phased approach is being taken to follow structured and cautious protocols.

Cybercriminals have been known to target important sectors to increase the chance of ransom demands being met, such as the “significant and serious” attack on Ireland’s Health Service Executive in 2021.

In recent cybersecurity predictions for 2023, Spencer Starkey of Sonicwall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

“Furthermore, both these industries are increasing their IoT footprint which will make them more susceptible to digital attacks,” Starkey said.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic