Canadian University Hit By Cryptojacking Malware Turns Off Entire School Network
A cryptojacking attack that targeted St. Francis Xavier University in Nova Scotia, Canada has led to the shutdown of the institution's entire network.
A cryptojacking attack that targeted St. Francis Xavier University in Nova Scotia, Canada has led to the shutdown of the institution’s entire network, says a report published by a local news outlet.
The institution’s system administrators are said to have found it difficult to root out the cryptocurrency mining malware, a factor that has seen the university’s network stay offline for nearly a week since the discovery of the cyber attack.
University is latest in growing list
Crypto mining, also known as “cryptojacking,” has become a go-to tool for cybercriminals that exploit unsuspecting victim’s computers and computational power to mine digital assets.
The frequency of attacks has increased over the last couple of years, and targets all manner of victims, with McAfee Labs reporting that crypto mining malware attacks had risen by nearly 86 percent in Q2 of 2018.
According to Canadian news outlet Global News, the cryptojacking attack at the university began on November 1, 2018 and targeted the institution’s extensive network infrastructure. The attackers were intent on exploiting the massive computational power to illegally mine an unidentified cryptocurrency.
However, system administrators detected the malware and immediately took the entire network offline, effectively paralyzing the school’s online course, cloud storage facilities, email service functionalities, debit transactions, and Wi-Fi connectivity.
The university administration released an update on the attack on November 4, 2018, stating there had been no indication that the malware had compromised any sensitive or personal data.
The statement confirmed that taking the network was “purposefully disabled” as a precautionary measure resulting from the security breach.
Part of the statement goes on to say that:
“The malicious software attempted to utilize StFX’s collective computing power in order to create or discover bitcoin for monetary gain.”
As confirmed in the statement, the decision to offline the network was aimed at giving the institution’s IT specialists the time to identify and fix the problem.
The update also informed the university community that all services would resume, although that would be staggered as they continue to monitor the system’s security.
Following the attack, the IT department has asked all users within the university to reset passwords to their accounts.
The cyberattack at St. Xavier University is one among many high profile cases where criminals have sought monetary gains via crypto mining.
In September, the Indian government reportedly suffered a widespread cryptojacking attack that affected several of its websites across the country.
Source-code search engine PublicWWW has listed over 100 corporate entities that have suffered cryptojacking attacks, including India’s Aditya Birla Group that had over 2,000 of its computers hit with a mining malware.
In October, a research group published a detailed report that how a fake Adobe flash update pushed malicious files that installed crypto mining malware on a user’s computer and secretly mined Monero (XMR).
A Cyber Alliance Threat report has pointed out that cases of crypto mining have increased in 2018, with attackers becoming increasingly sophisticated. With the situation appearing to worsen, corporate, government businesses and institutions could be at most high risk of attack.
Researchers and cybersecurity experts have also cautioned that though ransomware attacks on the scale of NotPetya and WannaCry have not surfaced in 2018, there remains a significant risk, with SamSam and VPNFilter malware, the most likely to cause extensive damage.