The rector of the Autonomous University of Barcelona (UAB), Javier Lafuente, has not been able to rule out 100% this Thursday that cyber attackers have personal data of the students, such as account numbers or their notes, after one month of the attack that brought down campus computer systems. The rector’s commissioner for ICT, Jordi Hernández, has detailed that the attacked servers contained mainly “day-to-day office automation files.” According to him, it is mainly information that is already public – such as tenders or invoices – so he sees “a residual risk” in which the hackers have compromised data. On their website, on the so-called dark internet, hackers announce that they will publish UAB data “soon”.
Autonomous was attacked with the virus of the type ransomware Pysa, which encrypts the hijacked data. Then the hackers They ask for a reward from the attacked organization. The university has reiterated that “it does not give validity or a voice to criminals”, which the Mossos d’Esquadra are investigating, along the lines that it has already positioned for a few weeks that, as a public institution, it does not consider paying. However, Lafuente has explained that he is aware of the threat of attackers, through the Catalan Cybersecurity Agency, of sharing campus information. Some media reported that the pirates gave an ultimatum to publish the data last Wednesday. However, the date that appears next to the threat (11/10/2020) is in Anglo-Saxon format, so it is the date of the attack (October 11), and not November 10, as he has qualified the UAB.
The UAB virtual campus, which centralizes the students’ day-to-day life, still does not work. Instead, the university’s IT services have supplied its functionalities within Microsoft’s Teams collaborative work tool. For two weeks teachers, staff and students have also recovered the email. However, as Lafuente has pointed out, the effects of the cyberattack will last throughout the course. “We have decided to rebuild the computer systems again to guarantee normality without putting the institution at risk,” said the rector. You have given an example. The UAB website, which is still down and a simple informative blog appears on its site, was physically hosted on a university server. In a few weeks it will be active again in the so-called internet cloud, in a data center of a large IT corporation.
The UAB still does not know what was the weak point where the attackers entered. The university’s IT staff continues to work on a diagnosis with the Cybersecurity Agency and an external company. Lafuente has ensured that the implementation of alternative computer tools allows us to continue with the day-to-day teaching and research on campus. The first thing that recovered, within a week of the attack, was Wi-Fi access to the internet, isolated from the internal network. In the backup copies of the affected computers, the technological services continue to analyze in search of security holes. The university avoids restoring these backups as they are by not exposing themselves again to the same risks.
One million in computer security
The rector of the university, Javier Lafuente, explained that in 2021, before the cyberattack, the UAB had invested more than one million euros in cybersecurity, an item that has monopolized two thirds of the IT budget for the last two years. “The system was not weak, but the technology [la de los virus] it is moving faster ”, the rector explained about investing in a technology that occupies 1,200 servers and provides service to 50,000 people from the university community. The first priority now is the recovery of the records and financial management system. Then, according to Lafuente, ICT services will rebuild the virtual campus.
The UAB owns around 10,000 personal computers, which have been screened to determine which ones can be moved around the Internet again without risk of reinfection. The arrival of the cyber attack came after three semesters affected by the health crisis, in which the university had to reinvent itself on the internet. The rector of the UAB, Javier Lafuente, issued a resolution on October 21 to suspend the deadlines in the administrative processes of the university with a validity of two months from the cyberattack.
#UAB #sees #residual #risk #cyber #attackers #publish #personal #data