The University of London Computing Centre (ULCC) was struck by a distributed denial of service (DDoS) on Thursday that saw its online learning platform downed for hours.
ULCC's open source learning platform Moodle, which provides services to over 300 UK institutions and supports over two million higher education and further education students, was taken offline for four hours on Thursday.
Universities affected by the hack included the University of Warwick, Queen Mary University of London, Birkbeck and Manchester Metropolitan University, and a number of university and education related websites including those belonging to Universities UK the European Library were also downed.
ERM HOW AM I SUPPOSED TO LOOK AT MY REVISION SLIDES FOR MY EXAM TOMORROW WHEN MOODLE IS DOWN @ManMetUni ARE YOU ACTUALLY SERIOUS????????????— Abbie Winter (@abbiewint) May 21, 2015
Paying £9,000 a year for Moodle to be down on results day, good one Plymouth— Lauren (@BlameLauren) May 21, 2015
Technicians at ULCC initially placed the blame on firewall issue.
"Our engineers have narrowed the fault down to an issue with our Firewall," the university said. "They are currently running through procedures to isolate the fault and re-establish connectivity"
However, ULCC later admitted that it had been the target of hackers, and said that the system was taken offline by a DDoS attack.
All services back up and running. Cause was a cyber attack, source has been identified and block: http://t.co/Utg3TMBFdu ^FS— ULCC (@ulcc) May 21, 2015
Four hours after the hackers had struck, the university said in a statement on its website: "All our services are now up and running again! The networking issue was caused by a cyber attack.
"We have taken action to block the source. An incident report will be produced and shared in due course. We appreciate your patience, understanding and words of support on social media."
No further details about the attack were revealed, but Russia Today reports that it originated in the UK.
George Anderson, director at Webroot, said the attack was clearly implemented to have maximum impact on a system that would have been at peak usage around exam-time.
He said: "While it's positive to see that staff at ULCC have got the system back up and running, over 4 hours of 'complete shutdown' is not an acceptable time-period in most businesses cases.
"Hopefully this case will serve as a warning to other organisations, encouraging them to ensure that they have an effective strategy in place to make sure user experience is impacted as little as possible."
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers