The research and innovation agency for the UK has fallen victim to a ransomware attack and potentially a data theft, the non-departmental public body has disclosed.
UKRI, which funds higher education research and innovation and provides key knowledge exchange between academics and businesses – is working to reestablish its systems after a hack last week.
The agency is conducting a “forensic” analysis to establish if its information has been stolen by hackers who have “encrypted” its data.
It has reported the incident to the National Crime Agency, the National Cyber Security Centre and the Information Commissioner’s Office.
It said in a statement: “We are working to securely re-instate impacted services as well as conducting forensic analysis to ascertain if any data was taken, including the potential loss of personal, financial or other sensitive data.
“The two services impacted are a portal for our UK Research Office (UKRO) based in Brussels and an extranet (often known as the BBSRC extranet) used by our Councils.
The UKRO portal provides an information service to subscribers. The extranet is used to support the peer review process for various parts of UKRI.”
Launched in April 2018 as a non-departmental public body sponsored by the Department for Business, Energy and Industrial Strategy (BEIS), UKRI operates across the whole of the UK with a combined budget of more than £6 billion, bringing together the 7 Research Councils, Innovate UK and Research England.
One of its regional locations is in Scotland, with the Easter Bush Campus outside Edinburgh home to The Roslin Institute, The Royal (Dick) School of Veterinary Studies, Scotland’s Rural College and a growing cluster of bioscience organisations. It is not known yet what variant of ransomware has been deployed as part of the attack on UKRI amid several high-profile recent cyber incidents on government bodies, including the Scottish Environment Protection Agency.
