In February 2024, the universities of Cambridge and Manchester were thrown into chaos following a cyberattack that disrupted internet services and critical online systems. The attack, attributed to the hacktivist group “Anonymous Sudan,” targeted the institutions due to the UK government’s political stance in the Gaza conflict.
The attack, which began on February 19, impacted students’ ability to access essential university resources remotely, including email services and research platforms. It primarily took the form of a Distributed Denial of Service (DDoS) attack, a tactic where a flood of data traffic is directed at a network to overwhelm it and cause disruptions. Both universities confirmed that their IT departments were working closely with external cybersecurity teams, including Jisc, a higher education IT consortium, to contain the damage and restore services.
By the next day, Cambridge’s Clinical School Computing Service reported that the incident was largely under control, though some systems remained affected. Manchester also regained some stability in its internet services but warned that further disruptions might occur.
While the attack was politically motivated, this event highlights a broader concern for UK higher education institutions: the vulnerability of university IT infrastructure to cyberattacks. With universities increasingly dependent on digital platforms for both administrative functions and academic research, cybersecurity threats can cause severe disruption to their operations. Moreover, educational institutions house valuable research data, much of which could be of interest to both criminal and politically motivated attackers.
From a cybersecurity standpoint, incidents like this emphasize the importance of preparedness. Universities must invest in advanced firewalls, intrusion detection systems, and continuous monitoring to mitigate the risk of DDoS attacks. Additionally, regular cybersecurity training for IT staff and a robust incident response plan can significantly reduce the impact of such breaches.
The hacktivist group behind the attack, Anonymous Sudan, has been linked to other politically charged cyberattacks, raising concerns about how universities can safeguard themselves against increasingly sophisticated threats. Although the group is named after Sudan, experts have speculated that it is actually aligned with pro-Russian factions, pointing to the complexity and geopolitical nature of modern cyber threats.
Both Cambridge and Manchester universities have since committed to reviewing their cybersecurity measures in light of the attack, but this event serves as a stark reminder for all higher education institutions of the need for constant vigilance in the face of evolving cyber risks.
