RMIT University in Melbourne shut down its IT systems to nullify a phishing
RMIT shut down its systems and canceled all classes and distance education then RMIT began alerting other Australian universities to the possibility of targeting them and not opening or responding to suspicious emails as an employee is tricked or unintentionally clicked on a malicious link in an email.
RMIT's IT services team is currently working on resolving issues that affected access to the university's supported applications and systems.
Phishing is a fraudulent email message designed to deceive a user by imitating companies or legitimate people. Often external links download malware that helps control systems remotely.
RMIT said classes will resume at its professional education campus, urban schools and aviation schools as well as graduate-critical research activities, and RMIT staff will continue to work remotely, with access to critical systems including Office 365 and Canvas.
It is possible that the attack was a ransom commodity, rather than a coordinated targeted attack on RMIT, given the rapid shutdown of the network.
Ransomware attacks generally have achieved financial gains as the attackers infiltrate a network or system, extract private and sensitive information and then demand money from a company or individual in exchange for not releasing the stolen data.
The Australian National University in Canberra was hit by a phishing attack in 2018, and hackers successfully broke into ANU's systems after sending an email to a senior university employee. The hack only required email preview to steal credentials.
Australian universities are often at the forefront of research and industry and are increasingly becoming targets of hackers. However, in the ANU case, most of the time the hackers were looking for personal information, consistent with attempts to identify theft.