Ruhr-University Bochum (RUB) hacked

[German]The Ruhr-Universität Bochum (RUB) has been the victim of a cyber attack. At this time it is recommended that all Windows computer systems on the campus be shut down.


German blog reader Tobias W., a student at the RUB, just sent me the mail ‘The RUB has been hacked. It is currently recommended to shut down all Windows systems on the campus network.’ – thanks for that.

On Twitter the university informed about the problem. According to my source there were already problems with IT late Wednesday evening, May 46, 2020.

(Source: Pexels Josh Sorenson)

In a first statement the university claims about technical issues in the IT infrastructure of the Ruhr-University Bochum. According to the announcement, a large number of systems have not been available since Thursday, 7 May 2020, from 8 a.m. onwards (CET). As a result, all RUB members have no access to the mail program Outlook and the VPN tunnel, for example, which is necessary to access folders from the home office.


Hacker attack confirmed by RUB

At 10:35 am on 7 May 2020, the Ruhr-Universität Bochum (RUB) made the cyber attack from outside public. In the meantime, it has been established that it is not a technical problem but a computer attack from outside on the central infrastructure of the RUB.

As a result of this attack, a large part of the IT infrastructure of the Ruhr-Universität Bochum had to be taken out of service. Due to the still unclear overall situation, IT Services recommends shutting down at least all networked Windows-based server systems in the faculties as well. If the RUB’s homepage also fails, the university wants to provide further information on this page

It is not said whether this is a ransomware attack – but I suspect it is. Teaching is currently (according to the information I have) no longer possible – especially during the coronavirus crisis where home teaching was actually used.

Press release of the RUB

The RUB has now issued a press release with a few more details.  In the night of 6 to 7 May 2020, a computer attack forced a large part of the central IT infrastructure at the Ruhr-Universität Bochum (RUB) to be taken out of service. What kind of attack is currently being analysed. As an immediate measure, all central servers and backup systems that could be affected were shut down. 

All PC applications in the university administration are currently not possible, e-mail via the Exchange system does not work. The services RUB-Mail, Moodle, Rub-Cast, Zoom, Matrix (Riot) are still available. It is considered very unlikely that these applications will be affected by the attack or that a threat could arise from it. The use of these systems is therefore permitted, in particular to maintain the operation of digital teaching. Digital teaching is therefore currently possible without restriction via these systems.

All Windows-based applications in the faculties and institutions of the RUB should be limited to the most necessary communication processes. As always, no e-mail attachments should be opened. All Office documents should be sent as PDF.

At present, IT Services and an external team of experts are analysing the nature and extent of the damage and how to proceed. Further information and recommendations for action will follow.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *