Large-scale cyber attack slowed UK networks for almost a month


Memorial Hall building mug

Rick Childress

More aggressive network security measures were implemented early Sunday morning in response to a cyber attack which has slowed university and UK Healthcare systems for almost a month.

The cyber intruders installed cryptocurrency miners on a university system in early February which used the university’s processing power to mine  cybercurrency like Bitcoin or Ethereum, information on the university’s website related to the attack showed.

There is no evidence that any personal information like student, patient or employee information had been accessed, UK President Eli Capilouto wrote in a campus-wide email early Sunday.

Eric Monday, UK’s executive vice president for finance and administration, told the Lexington Herald-Leader that it was “hard to determine” whether private information of students, faculty or patients was ever vulnerable. Monday added that the “risk to people’s information is much lower today than it was a month ago.”

More than $1.5 million has been spent so far to combat the cyber threat, UK spokesperson Jay Blanton wrote in a statement. The university’s cyber insurance should cover some of those costs, Blanton said.

University officials hired an independent forensic firm and consulted with cybersecurity experts after the university first learned of the threat in early February, Capilouto wrote in his email on Sunday.

Blanton said the university consulted primarily with Microsoft and Crowdstrike.

Capilouto wrote that the planned network outage early Sunday morning was crucial to installing “more aggressive security measures,” and now that the installation was complete, the university can “communicate with full transparency.”

Blanton said the outage on Sunday took about three hours, and the university will “continue to power on systems and monitor them throughout the morning.” 

This is a developing story. Check back for updates.