MTU's Cork campuses to remain closed this week following cyber breach 

MTU said the campuses will remain closed to allow the university to follow “structured and cautious procedures and protocols that must be completed in order to ensure the security of our systems.” 

Outdoor facilities at the Cork campuses will reopen on Thursday to facilitate pre-arranged, low-risk activities, such as sports training.

MTU is continuing to engage actively with authorities including the National Cyber Security Centre and investigations into the IT breach continues.

MTU’s security systems detected the breach at an early stage with core systems such as email, finance, payroll, and HR unaffected. Most staff continue to work remotely.

A statement from MTU said: “MTU’s Cork campuses will remain closed on Thursday 9 and Friday 10 of February due to the significant IT breach and telephone outage which occurred last weekend. Our campuses in Kerry remain unaffected. We are now planning for a phased and managed return to teaching and learning from Monday February 13.

“This decision has been taken to allow us to follow structured and cautious procedures and protocols that must be completed in order to ensure the security of our systems. Outdoor facilities at our Cork campuses will reopen tomorrow in order to facilitate pre-arranged, low-risk activities, such as sports training, that are beneficial for student and staff wellbeing as well as community engagement.

"We continue to engage actively with the relevant authorities including the National Cyber Security Centre and our security partners as their investigations continue. Our students’ education is a top priority for us and we appreciate the patience of all students, staff and stakeholders while we complete this vital work.

"We are currently assessing all appropriate and effective solutions to allow us to return to teaching as normal and reopen our campuses as quickly and safely as possible. A further update will follow as soon as possible.”

The university said on Tuesday that it was working with gardaí and the National Cyber Security Centre to establish if the IT breach is linked to an international ransomware attack on hundreds of organisations.

An international ransomware hacking attack in recent days has targeted thousands of computer servers running an older version of the hugely popular VMware software called ESXi.

Ronan Murphy, the executive chairman of Cork-based cybersecurity firm Smarttech247, said hundreds of different strains of ransomware attacks happen daily but that more than 500 companies have been hit by an international attack on ESXi.

This attack is linked to the same Russian gang that targeted the HSE with ransomware in 2021.

A ransomware attack is three-pronged, explained Mr Murphy. It first threatens to block access to data, then to leak private data, and then to cultivate the hacked data.