Munster Technological University has confirmed that the breach of its IT systems was caused by a ransomware attack.

The university has described the attack as targeted and said it has resulted in some of its IT systems being encrypted in order to demand a ransom.

MTU said the attack was detected at the weekend.

Its campuses in Cork will remain closed until next Monday, over a week on from the initial attack, and will only re-open then on a phased and managed basis.

The university caters for around 13,000 students and has around 1,200 staff divided among several campuses in Cork city and county. The university's campuses in Co Kerry remain unaffected.

MTU's latest statement follows a series of direct questions put to the university by RTÉ News on the extent of the damage to its IT systems and whether the personal information of students and staff had been compromised.

MTU is advising students and staff that they do not need to take action at this time, but the university cannot say if their personal data has been compromised.

"The nature and extent of this incident, including what data may have been breached, remains under investigation," MTU said in its latest statement.

"Students and staff do not need to take any action at this time and MTU will notify any affected individuals in line with our data protection obligations."

MTU says it has retained specialists and is engaging with the National Cyber Security Centre, the Data Protection Commission, gardaí and other relevant stakeholders including government departments "to minimise and mitigate" the impact of the attack and to restore its IT systems.

It says it's looking at all options "as part of this dynamic and evolving situation".

We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences

The malware may have been in the university's system for weeks, Vice President for Finance and Administration at Munster Technological University Paul Gallagher has said.

Speaking on RTÉ's Morning Ireland, he said: "As staff and students are coming back on campus, there's a very high chance that they could actually reinfect the system and we need to prevent that from happening."

Mr Gallagher explained that often these attacks happen during a period that is expected to be downtimes for computers, such as the bank holiday weekend.

"The big difficulty is actually getting into the system because the first thing that is attacked is your security and your network management system and data is encrypted in those systems."

Vice President for Finance and Administration at MTU Paul Gallagher said said the university is working towards a phased and a managed return to campus from Monday

In relation to the ransom demand, Mr Gallagher said the attack was caught at an early stage and while a ransom demand was detected on the servers, he does not know the details of that demand.

"We were very lucky in that we intercepted this at an early stage, which puts us in quite a strong position.

"We discovered a ransom demand encoded in one of the servers but we haven't engaged directly at this stage at all with the ransomers."

Mr Gallagher said the university is working towards a phased and a managed return to campus from Monday.

MTU says that, after the cyber attack was detected at the weekend, immediate steps were taken to "intercept" and contain damage.

However, in a statement, it said: "The incident resulted in the encryption of certain MTU systems for the purpose of demanding a ransom."

The university said the malware may have been in its system for weeks

MTU says a dual process is now underway: to investigate the cause and extent of the attack and to establish the safest and most efficient recovery process.

"We are currently assessing all appropriate and effective solutions to allow us to return to teaching as normal and reopen our campuses as quickly and safely as possible," MTU said.

In one of its first statements to the media on the cyber attack on Tuesday, MTU said its core systems were unaffected.

"We have robust contingency plans in place for such an event and this means that core systems such as email, HR, finance, payroll and others are unaffected by this breach and are continuing to operate as normal," the statement on Tuesday said.

It's not clear at this stage if that remains the position.

The university said its outdoor facilities in Cork will reopen today.

'They target everyone, everywhere'

The type of attack on MTU is "escalating" with a large spate of these incidents occurring throughout Europe, Executive Chairman of Smarttech Ronan Murphy said.

"The big question is when did they get into the network and how long they were in there," Mr Murphy said.

Smarttech Executive Chairman Ronan Murphy said ransomware attacks are increasing across Europe

Speaking on RTÉ's Today with Claire Byrne programme, he said the reality of ransomware is that it's not an overly sophisticated attack but more "a blunt instrument".

One of the standard protocols is trying to assess the risk of re-infection and MTU will also be trying to check the level of data accessed and stolen, Mr Murphy added.

"There are a lot of unknowns the university will have to grapple with now."

He said it is a "scattergun" approach by those carrying out these attacks.

"They target everyone, everywhere, all the time.

"In this particular scenario, how it typically evolves, someone clicks on an email, they get access to the network and then they get to work. Very similar to what would have happened with the HSE.

"There has been a large spate of these attacks throughout Europe."

Healthcare, education and government bodies are often targetted, he said.

The policy of organisations is not to pay a ransom and to restore systems organically, Mr Murphy added.