As ransomware threat actors continue their activities even in these testing times, they now have targeted the educational sector. Reportedly, the Ruhr University Bochum (RUB), Germany, has suffered a ransomware attack. Following the incident, the University shut down its IT infrastructure.
Ruhr University Bochum Disclosed Cyber Attack
The Ruhr University Bochum (RUB) has shared detailed updates regarding a cybersecurity incident that affected the facility recently.
As revealed, the University suffered a cyber attack between May 6, 2020, and May 7, 2020. Consequently, on the morning of May 7, 2020, a large number of varsity systems became unavailable. The incident barred the University members from accessing the IT systems of the University including Outlook and VPN. Moreover, they could also not access the internal portal.
Upon noticing the matter, RUB’s IT Services started investigating the matter. Within a few hours of the initial disclosure, the University confirmed a cyber attack on its systems.
Following the attack on RUB’s central IT infrastructure, the facility shut down almost entire IT services. However, they continued digital teaching services as RUB-Mail, Moodle, Rub-Cast, Zoom, Matrix (Riot).
Besides, due to the shutdown, accessing anyone via email also became impossible. However, the Chancellor assured that employees can be reached via phone during office hours.
Ransomware Attack Suspected
In a recent press release, Ruhr University Bochum mentioned the attack vector as an ‘encryption software’, which hints towards a ransomware attack.
The computer attack with an encryption software has mainly affected the university administration.
Besides, they further elaborated that the attack remained confined to the university’s central servers and didn’t affect any external servers. Hence, services like their learning platform Moodle, Sciebo, Zoom or RUB-Cast remained unaffected during the incident.
Whereas, University’s emails, Windows systems Exchange and Sharepoint suffered the impact.
Although, they haven’t explicitly mentioned anything about the ransom. However, the involvement of an encryption software indicates towards a ransomware attack, since encryption is a typical trait of such malware.
For now, the university continues with its investigations regarding the matter.
Earlier this year, a similar incident surfaced online regarding the Maastricht University as well. The University suffered a ransomware attack just before Christmas.
Let us know your thoughts in the comments.