The hacker group known as Anonymous Sudan has been implicated in a string of alleged Distributed Denial of Service (DDoS) attacks on major UK universities, including the University of Cambridge and the University of Manchester. The group, purportedly using the Skynet botnet, has recently upgraded its capabilities. In a post attributed to the threat actor, Anonymous Sudan cited reasons for the attacks, including the UK’s perceived support for Israel and involvement in conflicts such as the Gaza and bombing campaigns in Yemen.
Despite the severity of the claims regarding the cyberattacks on these prestigious institutions, both the University of Cambridge and the University of Manchester have yet to issue official statements or responses. As of the latest update, their websites remain operational with no apparent signs of cyber intrusions.
Nevertheless, the threat actor emphasized these cyberattacks, stating, “We have executed a MAJOR cyber attack on the digital infrastructure of 2 of the biggest UK universities; University of Cambridge and University of Manchester. A Reason for the Attack: UK’s unconditional support for Israel and complicity in the ongoing genocide in Gaza as well as bombing campaigns on Yemen. We therefore claim any harm to the aforementioned universities & any collateral damage.”
In addition to these specific incidents, colleges and universities are increasingly becoming prime targets for cyberattacks. The wealth of personal, financial, and confidential data, coupled with valuable research findings, makes higher education institutions lucrative targets for threat actors.
Anonymous Sudan, a hacker group engaged in numerous distributed denial-of-service (DDoS) attacks worldwide since early 2023, has been linked to these recent incidents. Despite claiming Sudanese roots and targeting “anti-Muslim activity,” their actual origins remain ambiguous, possibly linked to Russia. Employing public warnings and propaganda, they garnered attention but were only one among many utilizing DDoS attacks. Their motives, obscured by collaboration with groups like Killnet, extended beyond ideological pursuits.
Suspected ties to Russia arose from linguistic cues and infrastructure similarities. Anonymous Sudan primarily utilized DDoS tactics, inundating targets with malicious traffic, often preceded by public threats. Their methods include HTTP floods and rented server clusters, hinting at substantial financial backing. Their modus operandi sought attention and induced uncertainty, although their true intentions and origins remained elusive.
Protecting these institutions poses unique challenges due to the need for open access to networks by both employees and students. Mitigating cyber threats involves understanding various attack vectors and implementing appropriate solutions. According to Lamar University, among the identified threats targeting universities and educational institutions are phishing and spear phishing attacks, exploiting outdated operating systems and software, and unauthorized hardware access. To address these challenges, education on cybersecurity practices, strong password policies, multi-layer security measures, encryption of sensitive data, and multi-factor authentication are crucial.
Additionally, regular data backups are essential to mitigate the impact of ransomware attacks, while limiting access to sensitive data helps minimize risks associated with insider threats. As for the University of Cambridge cyberattack and the University of Manchester cyberattack, both are ongoing stories and further information will be updated once official confirmation from these educational institutions is received.
In conclusion, the increasing frequency and intensity of cyberattacks on educational institutions highlight the need for robust cybersecurity measures and proactive strategies to safeguard against such threats. As technology continues to evolve, so do the methods employed by threat actors, underscoring the importance of ongoing vigilance and preparedness in face of cyber threats.