St Cross College suffered a cyber attack on Monday, causing disruption and renewing concerns over cyber security

IT services were deactivated across campus at St Cross College after a disruptive cyber attack. All members were without internet and data services on Monday and Tuesday.

Carole Souter, Master of St Cross, told students in an email that “we are currently suffering serious IT issues as a result of crypto malware.” Wifi and data connectivity was turned off across all College sites on Monday and has yet to be fully restored around the College, meaning many students have been without wifi or signal for the bulk of the week.

Students at St Cross were told about the attack on Wednesday, two days after all internet systems were turned off, which left many in the dark about an attack which brought significant disruption to their lives. Although the disruption was significant for all, students reliant on online services suffered the most. Those attempting to access WebLearn, the university’s online Virtual Learning Environment, or Canvas, WebLearn’s successor, were forced to leave their college to carry on with their studies, whilst those seeking to use SOLO, the university’s library platform, were unable to do so, presenting particular disruption to the many students who use it to find literature online. 

Members of St Cross have also been disrupted in other unexpected ways. Many electronic systems were replaced by analogue alternatives as students found that catering staff were unable to process transactions online. Instead, students were asked to write down their name and university number and staff were told to jot down their meals with pen and paper. Screens around the college also went black, serving as a constant reminder of the pre-digital world they were in and depriving members of the information and regular bulletins they rely on.

In an exclusive comment to The Oxford Blue, Ms Souter expressed her gratitude to the “expert assistance of the University in isolating the malware concerned and restoring IT services to our community.” This response began with the partial restoration of services in the West Wing, where many student rooms are located. Since Wednesday, wifi around the site has been spotty, according to students at the College, whilst no further updates have been offered.

The drastic action taken by St Cross to isolate their systems was prompted by a fear that the problem might “spread to the wider University and its systems, or to personal IT.” The latter concern will be of particular worry to students, but Souter assured students that “(w)e have seen no indications of data loss” and that “content on College computers is regularly backed up.”

However, the events will do little to dispel concerns that neither the university nor Oxford colleges are doing enough to protect themselves from cyber threats. Universities are particularly attractive to hackers because they hold a wealth of research data and invaluable intellectual property that otherwise takes years to develop. 

Carsten Maple, former chair of the Council of Professors and Heads of Computing, explained that “somebody might attack a university and then provide information to a nation state.” Particularly attractive are files containing research on new batteries, weapons, or fuels.

The news follows revelations last month that Sci-Hub, the popular database for scientific publications, gained unauthorised access to the IT systems of the University of Oxford, amongst 372 others. The group is led by Alexandra Elbakyan, who last month was put under investigation by the United States Department of Justice for suspected ties to Russia’s military intelligence arm, the GRU, following an investigation by PSI, a group that fights academic piracy. Elbakyan has denied working with Russian intelligence.

Further, Freedom of Information requests revealed that the University of Oxford had experienced 515 cases of unauthorised access to accounts in 2016-17, making up almost half of the 1,152 security breaches at British universities in the period, highlighting how Oxford is particularly vulnerable to security breaches.

Throughout this week, many students have experienced issues with eduroam across Oxford, and this news will prompt concerns that the IT issues at St Cross had spread to university systems, posing a threat to valuable research throughout the university, although Ms Souter claimed that “(w)e have no evidence that it has had any effect on systems beyond the College,” adding that there was no evidence that St Cross had been specifically targeted. The University of Oxford and Oxford colleges should be vigilant against cyber attacks to mitigate the loss of this research and prevent significant disruption to students, but as the events earlier this week at St Cross prove, there is much more work to be done.

The University’s Public Affairs Directorate did not respond to our request for comment.