Cyber Terrorists

Cyberattack on SaskPolytech
On Saturday, Saskatchewan Polytechnic reported a “service disruption” affecting their website, intranet portal, VPN and other operating platforms and online services. The warning, however, added that “it is important that you do not use your computer to access the network or services using a VPN connection,” and that email should only be accessed using a cellphone. Clearly this was more than equipment failure.

On Sunday, SaskPoly clarified that it had been the target of a “cybersecurity incident” and was working with outside experts and law enforcement to assess its extent. All online and in-person applied classes were cancelled for Nov 2-4, and “Our first priority is to restore the online learning environment for students” (Brightspace).

On Monday, SaskPoly reported it was making progress restoring systems, including Microsoft Office, Outlook email and calendars, Zoom and Kaltura. Employees were instructed to install “adaptive, next-generation antivirus and endpoint detection and response software.” It clarified that “during the period of Nov 2-4th, there should be no learning activities, classes, program offerings, student required assignments, meetings with staff, students, or other stakeholders… Assignments due are postponed. Access to campus is extremely limited.” Students were warned that they may need to resubmit assignments once systems are restored.  

By press time Monday night, SaskPoly’s Brightspace and Banner systems remained inaccessible to most staff and faculty, and the website was completely dark. Updates on the situation are being shared at a new purpose-built website, The institution emphasizes that “at this time, there is no reason to conclude personal information has been breached.” 

uUtah paid $450K Data Ransom
In late August, the U of Utah revealed that it paid extortionists $457,059.24 to stop a cyberattack on servers at its College of Social and Behavioural Science in July. The “unknown entity” encrypted just 0.02% of the data stored there before IS detected the attack. The affected servers were isolated, cleaned, and reinstalled from backups – but because they included employee and student information, the ransom was paid “as a proactive and preventive step to ensure information was not released on the internet.” US News

Reference sites

%d bloggers like this: