Toni Dimaano Tech 01.04.2023 04:Jan AM EST

Royal Ransomware Takes Responsibility For Queensland University Of Technology Attack

The Queensland University of Technology was recently the target of a cyberattack, and the Royal ransomware gang has taken credit for it.

In addition to this, the group has reportedly started leaking information that was supposedly acquired during the security breach, Bleeping Computer writes.

QUT Has Warned Students And Staff About The Attack

Having 52,672 students, Queensland University of Technology (QUT) is one of Australia's largest universities and runs on a budget that exceeds one billion Australian dollars.

The university has a strong emphasis on STEM fields including science, technology, engineering, and math.

In recent years, it has benefited from major government financing for its research, making it vulnerable to those who want to exploit its data for monetary gains.

With that, on January 1, QUT announced a cyberattack, and alerted academic staff and students to impending service interruptions brought on by the security breach.

In order to stop the attack from spreading, the university took down all IT systems, and it is now coordinating its response with outside experts, a statement by Queensland University of Technology claims.

The university says that its staff is working towards assessing the situation to restore the system's services and stop the ransomware attack from creating further disruptions.

Additionally, according to reports, campuses will reopen on January 3; however, it is anticipated that there will be some system problems that last for a few weeks.

Due to the current unavailability of the HiQ website, "Digital Workplace," "eStudent," and Blackboard systems, many courses and tests have been postponed until early February.

Moreover, access via VPN using Cisco AnyConnect has been banned until further notice, as well as network drive folders like "U Drive" and the printing network.

Notices have been sent to all students and staff informing them of the issue, and a service status page has been set up to provide updates on the restoration process and service availability.

QUT employees and students were cautioned not to attempt to access any university systems that were listed offline on the status page and to be on the lookout for any unusual communication attempts.

Royal Cybercrime Group Claims It Has Exposed Compromised QUT Data

The university's most recent updates state that there is no proof that any data has been compromised as a result of the cybersecurity problem.

Although the university maintains that there is no proof that anything was stolen, the Royal ransomware operation has already started distributing material that they assert was taken from QUT.

According to Bleeping Computer, the ransomware gang claims that 10% of the data stolen during the attack was leaked in a new item on their data leak site.

This includes HR files, email and letter correspondence, ID cards and documents, as well as financial and administrative information.

It is important to note that the notorious Conti ransomware gang, which was shut down in May 2022, led to the birth of the Royal ransomware operation in September 2022.

Initially known as the Zeon group, the ransomware operation changed its name to the "Royal Group" in September, soon attracting the interest of experts and governments after making many attacks on healthcare organizations.