back to article Brit college forced to shift all teaching online for a week while it picks up the pieces from ransomware attack

An English college has temporarily closed all eight of its campuses and moved all teaching online after a "major" ransomware attack "disabled" its IT systems. South and City College Birmingham (SCCB) has told its 13,000 students that all lectures will now be delivered via the web – and has urged them to stay away from the …

  1. Roger Kynaston Silver badge
    Mushroom

    nuke them from orbit

    Hasn't our (idiot) Prime Minister put in an order for more trident warheads for precisely this purpose.

    On a more practical note, it seems to me that organisations are going to need to invest in robust backup and restore processes and systems so as to not be vulnerable to these scumbags.

    1. Potemkine! Silver badge

      Re: nuke them from orbit

      Isn't nuking colleges a little bit extreme? ^^

    2. IGotOut Silver badge

      Re: nuke them from orbit

      I left, but still working...although that's to that thing that's going around, that's turned to shit as well.

      But besides that, best move I made.

      No more worrying if the phones going to ring. No more working over because it "has" to be sorted NOW! No more worrying about what next day will bring. No more irritating, lazy, "Dont you know who I am types" and on and on.

      Do my job, go home forget it. If I want overtime I do it, if I don't, I don't.

  2. Anonymous South African Coward Silver badge

    23 months for me to go, before I am out of IT for good...

    1. TimMaher Silver badge
      Pint

      Retirement beckons

      Keep reading El Reg though.

      I do and I have been out for exactly three years. (Birthday yesterday).

      Here’s a beer for both of us —————>

      1. Winkypop Silver badge
        Pint

        Re: Retirement beckons

        @TimMaher

        2 years for me and also my birthday month.

        ——>

        1. DiViDeD Silver badge

          Re: Retirement beckons

          Unfortunately, working as I do for a major state government department in NSW which has a very "flexible" attitude to retirement ages, Retirement is looking less and less likely, despite me hitting what I thought was the milestone birthday at the beginning of the year. My immediate boss is 74, ffs!

          That said, if I didn't enjoy it, I wouldn't keep doing it, so mea maxima culpa (as usual).

          It's just that they keep coming up with new fun stuff to play with!

    2. CuChulainn

      I thought once you got IT on you, you could never completely get it off again.

      Enjoy what I assume is your retirement :-)

  3. anthonyhegedus

    It's not just a matter of backup and restore processes

    Just because data can be restored doesn't mean that it's that simple. Restoring data onto a compromised system is a bit pointless. How do you know the systems are no longer compromised? You rebuild them from scratch, that's how. That's slow and fraught with potential problems. The least of the problems is rebuilding the data from a backup. User credentials may need to be reset, databases recreated, users needing to be alerted.

    The important thing is to find how the breach occurred and patch whatever it was if it was a vulnerability, or if it's through an email, finding how it happened so it doesn't happen the same way again. This is why penetration testing, user education, anti-phishing training and better email security are all key.

    These days, the perpetrators of this ransomware stuff are really clever and it's not just a matter of one PC and a few thousand files. As the article says, the backups may be poisoned too.

    Bulking up security and better backups are just part of the equation. Tracking these thugs is the other part. Governments which obstruct efforts to find the crims should be sanctioned in much the same way as unruly potential nuclear powers are. And governments which fund these activities (we're looking at you, Norks) need to be even more heavily sanctioned until they start to behave.

    1. FlamingDeath Silver badge

      Re: It's not just a matter of backup and restore processes

      Shhhhh, you’ll confuse the silly wankers

      I just wish these cunts in overpaid positions would have their fat faces smashed and rubbed into this, with someone screaming at them, suck it up cunt!!

      I’d pay to see that, no seriously, I would fucking pay

    2. Evil Auditor Silver badge
      Thumb Up

      Re: It's not just a matter of backup and restore processes

      Unfortunately, I can only give one thumb up.

      1. TimMaher Silver badge
        Happy

        Re: It's not just a matter of backup and restore processes

        Here, borrow one of mine.

  4. Lon24 Silver badge

    A widespread problem?

    Interestingly my partner's University (located in London) was disabled over Christmas by a ransomware attack. Presumably they didn't pay up because its only now that some of the services are being restored. Shocking - trying to stop ransomware getting through is very hard and you can never be sure. Fixing an attack should therefore have been a planned process in days for mission critical stuff and weeks for the rest not months! But i'm guessing the VC's latest extortionate pay rise was more important than the IT budget.

    Plus I'm guessing that integration which used to be a good idea hasn't been reversed into compartmentalisation when you know part of the network will be compromised at some time.

    Maybe Christmas hols/aperitifs were responsible for it not being picked up by our neighbourhood vultures. But were there more?

  5. Pascal Monett Silver badge

    "a cut above ordinary criminals"

    A cut below, actually. They would gettheir asses kicked by any "ordinary" criminal in a face-to-face encounter.

    And "ordinary" criminals do not target hospitals, mdeical centers or places of learning. You have be a miscreant with a keyboard to think of that.

    1. anthonyhegedus

      Re: "a cut above ordinary criminals"

      au contraire, some of the criminals overseeing the whole thing are indeed the same criminals who shoot each other over turf. I've read anecdotal stories of young 'hacker types' being pressganged into working for big crime syndicates' cybercrime divisions on pain of their family meeting an untimely end.

    2. Cuddles Silver badge

      Re: "a cut above ordinary criminals"

      Hospitals are an extremely common target for ordinary criminals. Large buildings full of expensive stuff, staff and visitors often occupied by important tasks, that allow members of the public to just wander around on their own with essentially zero security. Everything from targetted theft of valuable goods like IT kit, to petty theft from people's coats and bags, is a daily occurence at pretty much every hospital in the country. Same for places like universties, which again tend to have sprawling campuses with free public access and little to no security. The idea that ordinary criminals avoid these sorts of places because at heart they're really all decent folk is incredibly naive.

      It's also rather sad to see the usual geek stereotypes coming out here at El Reg. Why would a criminal have their ass kicked just because they happen to know how a computer works? Your averge criminal hacker isn't a fat, spotty nerd living in their mother's basement, any more than your average burglar is a battle-hardened mercenary fighter with twelve black belts. Who would win in a fight has absolutely nothing to do with their chosen field of criminality.

  6. Anonymous Coward
    Anonymous Coward

    opening the door to cyber-insurance providers who'll buy off extortionists

    in plain English: crime pays and we can do fuckall about it.

  7. FlamingDeath Silver badge

    Im sure they can wheel out their overpaid “leadership” staff to unfuck the mess.

    Their salaries probably suggest they are very talented, so will have no issues unfucking this themselves

    Fucking pricks

    1. keithpeter Silver badge
      Childcatcher

      Students

      @Flaming

      Gentle reminder: remember who is on the end of this particular sewage farm incident.

  8. sitta_europea Silver badge

    I'd hang them.

  9. keithpeter Silver badge
    Pint

    Honest views

    "It is relatively unusual for an organisation to state outright that it has been hit by ransomware [...]"

    Didn't surprise me at all from South City (the being honest bit).

    I worked in FE/Adult in the West Midlands for 30+ years (never at South) and people in this sector are generally honest about the challenges. The Association Of Colleges (I think it's name changed a bit ago) do the public relations stuff for the sector when needed and spend money on glossies.

    Icon: for the teams going round re-installing and doing all the crap.

  10. Will Godfrey Silver badge
    Facepalm

    I'm afraid I'd go nuclear

    Having insurance based payments is the worst possible thing to do, it will be like throwing petrol on a fire. I'd focus on the people authorising paying the scum off. Mandatory jail time, with a minimum of 5 years actually inside if caught trying to hide the payment via offshore accounts etc.

    1. CrackedNoggin

      Re: I'm afraid I'd go nuclear

      It should absolutely be illegal to make the payoff, yes, but an IT company should be able to offer a combo security, management, and insurance package - the insurance being a guarantee on the value of their product.

      1. Anonymous Coward
        Anonymous Coward

        Re: I'm afraid I'd go nuclear

        How do the cyber insurance companies make any money?

        These attacks are happening all the time, and it's often horrifically expensive to clean this kind of mess up.

        Large frequent payouts does not, surely, equal a happy insurance provider.

        And do they not demand evidence of at least some basic IT hygiene? Cyber Essentials Plus and a proportion of staff with (e.g.) CompTIA Security+? If not that seems like complete madness.

        Unlike driving a car where you need a driving licence, an MOT and insurance. Mind you, that mostly works because it's the law. When it comes to computers anyone can buy one and merrily start hurtling along the information superhighway with zero legal requirements.

  11. sanmigueelbeer Silver badge
    Facepalm

    has told its 13,000 students that all lectures will now be delivered via the web – and has urged them to stay away from the college's campuses for the rest of this week

    Question: Why is the school/campus treating this like a rodent infestation or a measles outbreak?

    What happened to "attend the lecture(s)" with a pen and paper?

    1. claimed

      CCTV is probably compromised. Children + images + Internet, not something the college will want to do maths on.

      1. IGotOut Silver badge

        Turn off cctv.

        Fixed.

        It's like the bleeding obvious is obvious.

        It's like my kids were sent home once from the school due to a power cut "for their safety", you know, to the houses that also had no electricity.

        1. claimed

          I live in the UK, CCTV is mandatory, right? Based on my experiences, everywhere

  12. cantankerous swineherd Silver badge

    don't let critical systems anywhere near the internet?

  13. Chris the bean counter

    So it closed the campus but kept online intact

    Would have thought the other way around

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021