Hacker TU/e allowed to roam freely for five days
Using stolen login credentials and a few tricks, a hacker managed to penetrate the entire network of TU Eindhoven. A ransomware attack was probably averted at the last moment.
Image by: Wesley Klop
On Monday morning, TU Eindhoven released reports on the hacking incident that occurred last January, leading to a days-long disruption of education. At that time, the university took the network offline to prevent further issues.
The hacker was likely aiming to encrypt the systems, believes Fox-IT, the company that investigated the attack for the university. With so-called ransomware, hackers can lock down the systems; you regain access after paying a ransom.
Stolen passwords
According to an evaluation, the university proved resilient. However, the security could be improved. The hacker accessed the network remotely using stolen usernames and passwords. Two-factor authentication (with an additional check via your mobile phone) could have prevented this.
Furthermore, the university was aware that these login details had been stolen and were available on the dark web. Affected staff and students had previously been requested to change their passwords, but some ‘changed’ their password to the same (and therefore stolen) password. “We hadn’t technically secured that properly”, says chief information security officer Martin de Vries to the university newspaper Cursor.
Little experience
The hacker likely didn’t have a lot of experience. After a few days, he attempted to disable the backups and installed a tool that triggered alarms. He essentially kicked the door in, De Vries tells Cursor. “I expected he would want to remain under the radar for longer.”
Who is behind the hack remains unknown. Fox-IT detected traces of Cyrillic script, but that was not enough to determine the origin.
Higher education institutions are increasingly facing cyberattacks. The most well-known case is the ransomware attack on Maastricht University, during which a ransom of 200,000 euros was paid, although the university later recouped it with profit.
Read more
-
TU Eindhoven hit by cyber-attack
Gepubliceerd op:-
IT
-
De redactie
Latest news
-
NOS: Crisis of trust and culture of fear in Erasmus MC intensive care unit
Gepubliceerd op:-
Safety
-
-
Psychological support and financial assistance for Iranian students in the Netherlands
Gepubliceerd op:-
Student life
-
-
EM TV newsflash: Temporary meditation centre in P building, budget cuts in honours programmes, and student jailed for possession of weapons
Gepubliceerd op:Article type: Video-
Campus
-
EM TV
-
Comments
Comments are closed.
Read more in At the neighbours
-
Conflict around far-right VSP continues to escalate
Gepubliceerd op:-
At the neighbours
-
-
Former UvA lecturer Buijs sentenced to five months in prison
Gepubliceerd op:-
At the neighbours
-
-
Moes wants Radboud University to report lecturer to police
Gepubliceerd op:-
At the neighbours
-
