NEWS
On 2 May, an ongoing cyberattack against Umeå University was discovered. In-depth analyses showed that the attack was serious. Extra security measures and safety precautions have been taken.
The IT Office (ITS) at Umeå University, discovered a cyberattack on 2 May. Immediately, extensive troubleshooting and other measures to stop the attack were initiated.
Updating passwords
To continue the security work after the cyberattack, all students and staff are urged to change their Umu-id password. Anyone who does not yet have multi-factor authentication (MFA) installed, are also urged to install it.
“We understand that this could cause hassle for some of our students and staff, but this security measure is necessary. I hope that everyone understands that this needs to be done and it’s a relatively simple procedure that everyone is urged to do regularly anyway. Servicedesk also offers additional support and we hope that this will run smoothly with the help of existing manuals,” says Therese Strandberg, head of the IT Office at Umeå University.
“An attack on society"
“IT breeches are regretfully reality these days, and I want to emphasise that this is very serious and an attack on society. We have filed a police report and do everything in our power to protect staff, students and our operations. Luckily, the impact on our daily operations has been fairly limited so far, and I would like to issue a huge thank you to everyone involved in solving this situation,” says University Director Hans Wiklund.
Extra security measures have been taken that in turn lead to some disruptions to certain systems and tools used by students and staff.
“Our ambition is that further systems that have been shut down will open as soon as it is deemed safe,” says Therese Strandberg, Head of the IT Office.
"We have reached a plateau"
As of 8 May, the University is assessed to have recovered from the attack detected on 2 May. But the protection work continues and it may still affect systems and digital tools for students and staff, although the vast majority can perform their studies and work unhindered.
“Right now, we have reached a plateau where we can breathe a little after the intrusion and we see nothing that suggests that the attack is still active. Albeit, protective efforts will continue for some time to come. We won't take any risks,” says Therese Strandberg.
She wants to emphasise that any disruptions experienced by staff and students at this stage are entirely caused by the University's protection work.
“We're grateful that many students and staff are understanding of the need for us all to do what we can to protect ourselves and the University. Even if this means that things can get a bit complicated and that we've had to intervene at very short notice, such as when changing passwords."
