News, views and top stories in your inbox. Don't miss our must-read newsletter Sign up Thank you for subscribing We have more newsletters Show me See our privacy notice Invalid Email

University College London has been hit with a cyberattack similar to the one that crippled the NHS in May.

Ransomware, which locks files on a victim's computer unless a payment is made, has been reported on the university's system.

It's not clear yet whether it's the same WannaCry virus that spread through the NHS, but UCL has been forced to disconnect large parts of its system in order to contain the threat.

According to the organisation's IT services, the attack was started through accessing a compromised website.

UCL stated it has "currently contained the risk of further infection" but notes the attack "is still under active investigation".

"We have continued to analyse the infection across the UCL filestore and the method of infection this is still ongoing," the university said.

"We have not seen any more users affected by the malware. We no longer think the infection came from an infected email but from users accessing a compromised website.

"If you receive email that is unexpected or in any way suspicious then you must not open any attachment or follow any link in the email.

(Image: Getty)

"Doing so may lead to loss of your data and very substantial disruption to the university."

The attack has drawn renewed concerns from cyber security professionals about the importance of digital defences.

“What this attack highlights is that anti-virus alone is simply not sufficient enough to prevent ransomware," explained Andrew Stuart, managing director of data security company Datto .

"Along with vulnerability patching, these AV tools might be capable of catching known strains of malware, but newer ones too often pass through defences undetected.

(Image: Getty/Rex)

“The only true way of mitigating the impacts of ransomware is through a multi-layered cybersecurity approach that includes backup. If companies take regular snapshots of their systems, they are able to quickly spin-up systems to a ‘healthy’ point before the ransomware took hold.

"This mitigates the costly downtime most face as they attempt to find another resolution and, of course, means that they do not have to give in to the attackers’ demands.

“All organisations must educate users about the dangers of phishing emails, with a greater emphasis placed on how to spot the red flags.”