Univ. of Kentucky, UK Healthcare Ends Month-Long Cyberattack

Hackers from outside the U.S. infiltrated the University of Kentucky’s computer networks and used its processing capabilities to mine cryptocurrency.

Univ. of Kentucky, UK Healthcare Ends Month-Long Cyberattack

Kentucky’s largest university system rebooted its computer networks Sunday after a month-long cyberattack that officials say was the worst in university history.

According to officials, the three-hour campus-wide network outage at the University of Kentucky (UK) and UK Healthcare was successful at “mitigating the existing cyber threat,” reports  Lexington Herald-Leader.

Eric Monday, UK executive vice president for finance and administration, said unidentified threat actors from outside the U.S. infiltrated the system back in February and installed malware that used UK’s “vast processing capabilities” to mine cryptocurrency.

Cryptocurrency mining is a process in which transactions between users are verified and added into the blockchain — a public list of all transactions. The primary purpose is to set the history of transactions in a way that is computationally impractical to modify by any one entity.

Monday said UK’s system is pinged daily by attackers trying to penetrate the system but most fail. The hackers from this cyberattack entered through a university server outside UK Healthcare.

The attack caused computer systems used by students and employees to slow down or temporarily fail. Disruptions were mainly seen at UK Healthcare, which operates UK Albert B. Chandler Hospital and Good Samaritan Hospital. Both hospitals serve two million patients.

University spokesman Jay Blanton said an investigation into the attack found no evidence that patient or student data were compromised. Patient safety and access to care were never comprised but day-to-day functions were likely interrupted, he added.

University of Louisville Associate Professor of Computer Science and Engineering Dr. Adrian Lauf told Lexington Herald-Leader the return for mining cryptocurrency is nowhere near the value of patient health information, which is why he is “surprised that, given the value of public health information, it was not taken.”

“It’s like breaking into a bank to go steal something from the vending machine,” he said.

As a result of the attack, the university hired an independent computer forensic firm to help improve cybersecurity, according to Info Security magazine. The firm installed CrowdStrike security software to prevent future threats.

It is estimated the school spent more than $1.5 million to eject the malware from its network and improve cybersecurity.

About the Author

Contact:

Amy is Campus Safety’s Senior Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.

Amy’s mother, brother, sister-in-law and a handful of cousins are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.

In her free time, Amy enjoys exploring the outdoors with her husband, her son and her dog.

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!


Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Online SummitCampus Safety HQ