For the third consecutive day, universities faced an attack on their networks: someone sent so much internet traffic to the network that it caused a bottleneck.
“It just stopped”, said SURF spokesperson Tom Hoven shortly before noon. “Traffic has resumed. Our measures worked, but of course, we’re reviewing what exactly happened this week and will learn from it.”
Daily occurences
SURF’s network is attacked in this way almost daily, according to Hoven. “But normally, we fend off such DDoS attacks without anyone noticing. This one was much larger. All our members were affected.”
SURF is the ICT collaboration organisation for education. It includes all research universities, universities of applied sciences, and academic hospitals, as well as vocational colleges (mbo) and some secondary schools.
SURF says little about the origin or motive of the attack, as far as it is even known. The organisation is also unwilling to disclose the measures taken, as another attack could follow.
Targeted
Unlike most phishing emails (fake messages about an inheritance or login issues with your bank), a DDoS attack is targeted, Hoven explained. The attackers select the network they want to overwhelm.
This past weekend, TU Eindhoven was hit by a cyberattack. As a precaution, the university temporarily shut down its network. The systems have since been restarted, and teaching will resume on Monday. It is unclear whether this hacking attempt is related to the DDoS attack at SURF.
The government is working on a draft law to improve Dutch cybersecurity. It is possible that universities will also fall under the legislation, requiring them to implement certain measures.