Munster Technical University has been blackmailed and held hostage by a group of hackers believed to be based in Russia or parts of the former Soviet Union, the Supreme Court has heard.
The MTU have announced this evening that data has ended up online, but that the campus will reopen tomorrow.
According to the court, the cyber attack on MTU’s computer system discovered in recent days would have been carried out by individuals from a ransomware group called ALPHV, alias BlackCat or Noberus, reports RTE.
MTU says the alleged perpetrators are former members of the “REvil” ransomware group, which attacked an Apple supplier in 2022 and was proven to be based in Russia.
A late session of the High Court last night heard that the college has received a ransom note demanding a substantial sum of money, Judge Garrett Simons was told, or it will release classified information that attackers allegedly obtained from the MTU computer system. received employees and students of the University.
According to the court, Mtu will not pay any ransom.
While the college doesn’t currently know to what extent BlackCat obtained its data, it is very concerned about the attackers’ threat to release any material that may have come from the college’s computer system.
If the money was not paid, the attackers threatened to sell and/or publish confidential information and data on the university’s employees and students, which allegedly came from MTU’s computer system.
The exact number claimed by the attackers was not disclosed at the public hearing.
Accordingly, MTU, represented by Imogen McGrath SC, with Stephen Walsh Bl. acting on behalf of Arthur Cox Solicitors, has obtained an injunction preventing the currently unknown masterminds behind the attack and anyone else with knowledge of the order from being made public and accessible from being made public or sharing classified university materials, reports RTE.
The ordinance also requires defendants or others in possession of confidential information to deliver all material in their possession to MTU.
In seeking the orders, Ms McGrath said the college’s operations and services to its 18,000 students were significantly disrupted as a result of the attack.
Investigations by experts into suspicious activity first detected on Sunday 5 February in MTU’s computer system are underway, the lawyer said.
The lawyer said that MUT’s IT team discovered an encrypted ransom note.
The memo included a link followed by the National Cyber Security Center.
The lawyer said there was a page on the “dark web,” a collection of websites that can only be accessed with a specific browser, where ransom notes were laid out, reports RTE.
The request was made by BlackCat and required the payment of a certain amount by 11.45pm on Friday 10 February.
If the money was not paid, BlackCat threatened to publish the date supposedly received from MTU.
It is clear that the intention of the supporters was “blackmail and extort MTU,” said the lawyer, reports RTE.
The attacker’s actions to date have caused significant reputational and financial damage to the college, the attorney said.
While nothing has been released to date, MTU feared that without the High Court order there was a serious risk of the material being released online.
In issuing the orders, Judge Simons said he believed this was a case where an injunction should be granted ex parte when only one party was present in court.
The matter will return to court later this month.
In a statement this morning MTU said: “MTU has engaged specialist services to closely monitor the internet for any possible leak of data. While the forensic investigation is ongoing to ascertain to what extent any personal data has been removed from MTU systems, the obtaining of this court order is one of a number of measures being taken by MTU in response to this incident and to mitigate its effects. All possible affected users should be extra vigilant in respect of potential attacks by email or SMS or other unsolicited communications,” reports RTE.
Tell us your thoughts in the Facebook post and share this with your friends.