{"id":14344,"date":"2020-05-07T22:39:00","date_gmt":"2020-05-07T20:39:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14344"},"modified":"2020-05-07T22:42:34","modified_gmt":"2020-05-07T20:42:34","slug":"ruhr-universitt-bochum-rub-gehackt","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/05\/07\/ruhr-universitt-bochum-rub-gehackt\/","title":{"rendered":"Ruhr-University Bochum (RUB) hacked"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/05\/07\/ruhr-universitt-bochum-rub-gehackt\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]The Ruhr-Universit\u00e4t Bochum (RUB) has been the victim of a cyber attack. At this time it is recommended that all Windows computer systems on the campus be shut down.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg07.met.vgwort.de\/na\/c14842e4478246ddb5d70f2eb45cfd74\" width=\"1\" height=\"1\">German blog reader Tobias W., a student at the RUB, just sent me the mail 'The RUB has been hacked. It is currently recommended to shut down all Windows systems on the campus network.' &#8211; thanks for that. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"de\" dir=\"ltr\">\u26a0\ufe0f [Thread] Durch einen Computerangriff auf die zentrale Infrastruktur der RUB musste ein Gro\u00dfteil der IT-Infrastruktur au\u00dfer Betrieb genommen werden. Daher steht eine Vielzahl von Systemen nicht zu Verf\u00fcgung (z.B. E-Mail, VPN-Tunnel, internes Serviceportal). ^sk<\/p>\n<p>\u2014 Ruhr-Universit\u00e4t Bochum (@ruhrunibochum) <a href=\"https:\/\/twitter.com\/ruhrunibochum\/status\/1258318249957167105?ref_src=twsrc%5Etfw\">May 7, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>On Twitter the university informed about the problem. According to my source there were already problems with IT late Wednesday evening, May 46, 2020.<\/p>\n<p><img decoding=\"async\" title=\"Telekommunikations-Ger&auml;te\" alt=\"Telekommunikations-Ger&auml;te\" src=\"https:\/\/i.imgur.com\/TMYrvtF.jpg\"><br \/>(Source: Pexels Josh Sorenson)<\/p>\n<p>In a first statement the university claims about technical issues in the IT infrastructure of the Ruhr-University Bochum. According to the announcement, a large number of systems have not been available since Thursday, 7 May 2020, from 8 a.m. onwards (CET). As a result, all RUB members have no access to the mail program Outlook and the VPN tunnel, for example, which is necessary to access folders from the home office. <\/p>\n<h2>Hacker attack confirmed by RUB<\/h2>\n<p>At 10:35 am on 7 May 2020, the Ruhr-Universit\u00e4t Bochum (RUB) made the cyber attack from outside <a href=\"https:\/\/news.rub.de\/servicemeldungen\/2020-05-07-angriff-von-aussen-it-infrastruktur-der-rub-ist-zum-groessten-teil-ausser-betrieb\" target=\"_blank\" rel=\"noopener noreferrer\">public<\/a>. In the meantime, it has been established that it is not a technical problem but a computer attack from outside on the central infrastructure of the RUB. <\/p>\n<p>As a result of this attack, a large part of the IT infrastructure of the Ruhr-Universit\u00e4t Bochum had to be taken out of service. Due to the still unclear overall situation, IT Services recommends shutting down at least all networked Windows-based server systems in the faculties as well. If the RUB's homepage also fails, the university wants to provide further information on <a href=\"https:\/\/notfall.ruhr-uni-bochum.de\/\" target=\"_blank\" rel=\"noopener noreferrer\">this page<\/a>.&nbsp; <\/p>\n<p>It is not said whether this is a ransomware attack &#8211; but I suspect it is. Teaching is currently (according to the information I have) no longer possible &#8211; especially during the coronavirus crisis where home teaching was actually used.<\/p>\n<h2>Press release of the RUB<\/h2>\n<p>The RUB has now issued a <a href=\"https:\/\/news.rub.de\/presseinformationen\/servicemeldungen\/2020-05-07-digitale-lehre-laeuft-weiter-cyber-angriff-auf-die-ruhr-universitaet-bochum\" target=\"_blank\" rel=\"noopener noreferrer\">press release<\/a> with a few more details.&nbsp; In the night of 6 to 7 May 2020, a computer attack forced a large part of the central IT infrastructure at the Ruhr-Universit\u00e4t Bochum (RUB) to be taken out of service. What kind of attack is currently being analysed. As an immediate measure, all central servers and backup systems that could be affected were shut down.&nbsp; <\/p>\n<p>All PC applications in the university administration are currently not possible, e-mail via the Exchange system does not work. The services RUB-Mail, Moodle, Rub-Cast, Zoom, Matrix (Riot) are still available. It is considered very unlikely that these applications will be affected by the attack or that a threat could arise from it. The use of these systems is therefore permitted, in particular to maintain the operation of digital teaching. Digital teaching is therefore currently possible without restriction via these systems.  <\/p>\n<p>All Windows-based applications in the faculties and institutions of the RUB should be limited to the most necessary communication processes. As always, no e-mail attachments should be opened. All Office documents should be sent as PDF. <\/p>\n<p>At present, IT Services and an external team of experts are analysing the nature and extent of the damage and how to proceed. Further information and recommendations for action will follow.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The Ruhr-Universit\u00e4t Bochum (RUB) has been the victim of a cyber attack. At this time it is recommended that all Windows computer systems on the campus be shut down.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[447,69],"class_list":["post-14344","post","type-post","status-publish","format-standard","hentry","category-security","tag-hack","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14344","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14344"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14344\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}