Cyberattack Sees UniSA Systems Shut Down


A cyberattack at the University of South Australia is continuing to impact staff and students. The circumstances surrounding the attack remain unclear, but key systems are still offline two days after the University noticed the first outage.

“UniSA experienced a cyberattack on the weekend which caused an outage of its staff email system,” a UniSA spokesperson told MySecurity Media. “The University is still investigating the issue.”

The University first flagged the cyberattack on Sunday, May 16. That morning, UniSA advised its student applications (Virtual Applications / Citrix) were unavailable. By Sunday evening, several PCs and laptops were disabled as a security precaution.

By midday on Monday, the student VPN became unavailable. Soon after, in what the University describes as a “technical issue,” the cyberattack disrupted UniSA’s incident logging system.

Across Monday afternoon, the cyberattack caused a cascading series of outages. Staff and students were prevented from making bookings online. The UDFS Teams network drive become unavailable at the top level of the network share.

At the time of publication, partial and major outages continue to impact the University’s IT systems. Student applications continue to experience a major outage while on-campus computing is experiencing partial outages. Enabling systems, including the myUniSA staff portals and staff email systems, continue to experience major outages.

Australian universities are shaping up as significant targets for cyberattacks. This is attributed to the digitisation of the learning environment. The rate of digitisation accelerated recently as COVID-19 kept staff and students at home for long periods.

But with increasing numbers of devices from an increasing number of locations accessing a university’s IT systems, and many of those devices connecting an endpoint to both secured and unsecured networks, the risk of a university’s IT system becoming compromised is increasing.

In 2018, cyber attackers infiltrated the Australian National University’s IT network via a single phishing email opened by a staff member. In 2019, another phishing led cyberattack saw the Australian Catholic University’s IT systems compromised and personal student data stolen.
Earlier this year, a cyberattack at Melbourne’s RMIT University resulted in significant disruptions, including delays to student enrolments and some payroll not getting processed on time.

Details surrounding the circumstances and motives of the UniSA cyberattack remain unknown. The University has not yet disclosed whether it was a ransomware attack. But sensitive information such as student coursework, personal information, research, and financial records combine to make universities attractive targets for ransomware attacks.

In the wake of the ANU and ACU cyberattacks, officials from the Australian Signals Directorate briefed Australian universities on the risk of cyberattacks and the need to strengthen their IT defences.

UniSA says it will continue to keep staff and students updated as parts of the University’s IT impacted systems get back up and running.