Recently the UvA and HvA have been under cyberattack. While that might sound threatening, the fact that we don’t have much news on the subject is something to be glad about. In the next lines, we’ll look at the situation we find ourselves in now, and what contributed to its slow development.
The cyberattack might not be news to you at this point, as the UvA has done a lot to notify students and advise them to change their UvANetID passwords. But let’s take a look at how this situation has unfolded, why it isn’t over yet, and how that is something unexpectedly good.
Acknowledging Your Own Faults and Doing Better.
While the cyberattack started in the second week of February 2021, we need to go back to 2016, when two students of the Master System and Network Engineering at the University of Amsterdam conducted a security review of the Blackboard implementation at the UvA. They discovered several vulnerabilities in the system that gave them access to more than 10,000 live user accounts.
As this study was documented and conducted with the consent of the university, the Board of UvA’s ICT services could take account of these vulnerabilities and create a cyber secure network for all of the students and staff accessing the Blackboard platform. However, they weren’t that quick to fix all of these issues, as the blog post accompanying the Master students’ report mentions in its timeline: “26 September 2016: UvA claims to have fixed stuff, turns out (almost) everything is still possible”.
Learning From the Mistakes of Others.
Our web surfing takes us now to the day before Christmas Eve of 2019. What happened then? Oh, nothing! Just a massive cyberattack on the University of Maastricht. Responsible for this attack were ransomware hackers who successfully brought research and education at the institution to a halt, which forced the university to pay 200.000 €.
While this could have been covered up, at least to some extent to ‘save face’, that’s usually not the way Dutch universities roll, and the University of Maastricht is no different. They have been extremely transparent in their attempts at “removing the direct disruptions to rebuilding the services to students, academic staff and support staff”, by posting daily updates on the university’s website and by later publishing a report encompassing all of the damage that has been done to their systems and all the work done to repair that damage. Their motivation for this transparency is the desire of the University of Maastricht to “play its part in increasing digital security”.
How Does That All Come Together?
The Internet current washes up on more familiar shores as we return to the present year at the University of Amsterdam. The ongoing cyberattack likely started on the 17th of February, making this the 3rd week that students have seen the now all-too-familiar warning to change their passwords.
Still, there have not been any updates on the UvA’s website since the 24th of February. As mentioned in a previous statement, the university cannot give out any background information on the situation, as there is an ongoing investigation.
What we do know so far is that professional hackers looking for financial gain are responsible for this attack and that no ransom has been formally demanded yet.
In the case of the Maastricht cyberattack, things were over and done within a week after the hacking occurred. So this ongoing limbo and lack of information, unpleasant as it might be, is a sign that the fight is not lost yet. No update is still an update that things have not gotten worse.
That is all due to the preparedness of the emergency response team and the ability of the Board of UvA’s ICT services to learn from the vulnerabilities of their own systems and others’.
Cover: Philipp Katzenberger