Harare Institute of Technology (HIT) has been hit by a “major” ransomware attack which brought down its shared drives and student management system.
The attack has also led to the encryption of all emails and student records on HIT servers.
According to a source at HIT, the website and all connected servers have been put off line and the IT department is working flat out.
The university has referred to the ransomware potentially exploiting a zero-day vulnerability, but it is currently unclear as to which family of ransomware caused the infections.
“It’s not yet clear what specific strain of ransomware hit Harare Institute of Technology, but the university is warning that it may be a “zero-day” attack one not seen in the wild before due to the fact that it was not picked up by its antivirus software.” Said the source.
The incident response team at HIT-one of the Zimbabwe’s most prestigious universities ,temporarily blocked access to the website, shared and network drives to reduce further spread of the malware.
These university ransomware attacks come a month after the the WannaCry attack, which used worm-like features to infect hundreds of thousands of Windows PCs around the world.
The high-profile incident highlighted how easily ransomware can disrupt systems, and things are only likely to get worse before they get better.
There are over 50 different ransomware variants in circulation and as the rise of WannaCry shows, it’s relatively easy to pin on extra features that can make the malware more powerful. In this case, what made it so effective was the ability for the malware to spread from PC to PC without user intervention.