The Ruhr-Universität Bochum, the German-speaking University of Bochum, announced today that it has been suspended due to a cyber attack that took place on the night of September 6-7. The company was forced to shut down most of its central IT infrastructure, including its backup systems.
It is a German university in the central Ruhr area of Bochum with more than 42,900 students and 5,800 employees. Over the past two years, the university has been ranked in the top 500 universities in the world in four assessment committees.
Due to major technical problems in the IT infrastructure, a large number of systems have failed since Thursday 7 September. May 2020, 8 a.m., the university is no longer available, the university announced this morning.
For example, not all RUB members have access to the Outlook e-mail program and the VPN tunnel needed to access the folders from the home office. The internal service portal cannot be selected either.
At 10.35 a.m., the Ruble reported in its update that its systems had been hit by a cyber attack aimed at the university’s central IT infrastructure, leading to the closure of a large part of the university’s IT infrastructure.
As the overall situation remains unclear, IT services recommend to disable all connected Windows based server systems and faculties, added the rouble.
The nature of the attack is currently being analyzed, further details about this university were announced in the press release issued at 14:40. As an immediate measure, all central servers and backup systems that could have been affected were shut down.
Russian students and staff are advised to limit the use of Windows applications to the most important communication processes, not to open e-mail attachments and to send documents that can be shared as PDF files.
The university also indicated that its management systems and e-mail services are currently not available through the Exchange system.
RUB Mail, Moodle, Rub-Cast, Zoom and Matrix (Riot) are still available and RUB’s IT staff says they must not be hit by a cyber attack.
It is considered highly unlikely that these claims would be affected by any attack or threat. The use of these systems is therefore permitted, among other things, to support digital learning. This means that it is now possible to use these systems for teaching in digital format without restrictions. – RUB.
RUB’s IT services, with the help of an external team of security experts, are currently analysing the nature and extent of the damage caused by a night-time cyber attack.
They also try to determine a future course of action and will provide further information about the attack and recommendations if details become available.
The University of Duisburg-Essen (EDU) has also issued security advice to remind its own staff and students to be cautious when exchanging data on shared platforms and to guard against unexpected e-mail messages.
The EDU also warned that due to the close cooperation between our universities, there are many interfaces through which the infection can spread.
Currently, it is not known whether data was obtained or filtered from students, staff or researchers during the attack, or whether one of the systems was infected with a malignant strain.
Last year Maastricht University (UM) announced that 1,647 Linux and Windows servers and 7,307 workstations were encrypted by attackers after 23 were attacked. December had installed a Clop Ransom.
In February, UM reported that it had paid a ransom of 30 Bitcoin required by the attackers to recover all encrypted files, which were then identified by Fox-IT as a financially motivated TA505 hacker group.
N/T Gunter Born