Hacker TU/e allowed to roam freely for five days
Using stolen login credentials and a few tricks, a hacker managed to penetrate the entire network of TU Eindhoven. A ransomware attack was probably averted at the last moment.
Image by: Wesley Klop
On Monday morning, TU Eindhoven released reports on the hacking incident that occurred last January, leading to a days-long disruption of education. At that time, the university took the network offline to prevent further issues.
The hacker was likely aiming to encrypt the systems, believes Fox-IT, the company that investigated the attack for the university. With so-called ransomware, hackers can lock down the systems; you regain access after paying a ransom.
Stolen passwords
According to an evaluation, the university proved resilient. However, the security could be improved. The hacker accessed the network remotely using stolen usernames and passwords. Two-factor authentication (with an additional check via your mobile phone) could have prevented this.
Furthermore, the university was aware that these login details had been stolen and were available on the dark web. Affected staff and students had previously been requested to change their passwords, but some ‘changed’ their password to the same (and therefore stolen) password. “We hadn’t technically secured that properly”, says chief information security officer Martin de Vries to the university newspaper Cursor.
Little experience
The hacker likely didn’t have a lot of experience. After a few days, he attempted to disable the backups and installed a tool that triggered alarms. He essentially kicked the door in, De Vries tells Cursor. “I expected he would want to remain under the radar for longer.”
Who is behind the hack remains unknown. Fox-IT detected traces of Cyrillic script, but that was not enough to determine the origin.
Higher education institutions are increasingly facing cyberattacks. The most well-known case is the ransomware attack on Maastricht University, during which a ransom of 200,000 euros was paid, although the university later recouped it with profit.
Read more
-
TU Eindhoven hit by cyber-attack
Gepubliceerd op:-
IT
-
De redactie
Latest news
-
Turndown service
Gepubliceerd op:-
Column
-
-
Voters do make rational choices when they vote for populists, discovered Otto Swank
Gepubliceerd op:-
Eureka!
-
-
Why a social media ban for young people is not the solution
Gepubliceerd op:-
The Issue
-
Comments
Comments are closed.
Read more in at the neighbours
-
Former UvA lecturer Buijs sentenced to five months in prison
Gepubliceerd op:-
At the neighbours
-
-
Moes wants Radboud University to report lecturer to police
Gepubliceerd op:-
At the neighbours
-
-
Editorial teams acquire more independence after censorship
Gepubliceerd op:-
At the neighbours
-
