Cyberattack UM

On the evening of December 23rd 2019 it becomes clear that Maastricht University has been hacked. The UM network is down. They have been struck by a cyberattack with ransom software; everything is locked down, and payment has to be made to obtain a key.

'The UM could have been better prepared'

'The UM could have been better prepared'

MAASTRICHT. The Inspectorate of Education is satisfied with Maastricht University’s performance after the cyberattack last December. Everything was focused on the continuation of education after the Christmas period, it states in a report that was published last Friday. To this end, the Executive Board took “well-considered decisions”. With this, the Inspectorate approves of the ransom payment by the UM. Nevertheless, the hack had more drastic consequences than was necessary. The UM could have been better prepared, suitable measures were “not always” taken beforehand.

Again the cyber attack, now on TV

Again the cyber attack, now on TV

What exactly happened during the cyberhack last December? Next Wednesday, UM will once again disclose what happened in the TV programme De Kennis van Nu (The Knowledge of Now). The research institute for water technology Wetsus from Leeuwarden, which...

No ‘taxpayer’s’ money to cybercriminals

No ‘taxpayer’s’ money to cybercriminals

MAASTRICHT. The ransom that was paid to the cybercriminals on 29 December after they had put a digital lock on Maastricht University’s computer systems, did not come from the UM’s regular reserves. The sale of a company from UM-Holding just prior to the hack, had yielded enough to pay the almost two-hundred-thousand-euro ransom.

“Great moral objections” against paying a ransom

“Great moral objections” against paying a ransom

MAASTRICHT. It is now official: yes, a ransom was paid to the cybercriminals who hacked the UM systems on 23 December. And yes, the amount was almost two hundred thousand euros. Why was the UM not adequately protected? The Executive Board’s answer to this question has many different shades. And no, it is not likely that any personal data or scientific data fell into the wrong hands: further investigation continue.

“Good hope” that neither scientific data nor personal information has been stolen

MAASTRICHT. Was or is scientific data in danger as a result of the cyberattack on 23 December? It appears that this was not the case. What about the privacy of students and staff? If personal information has been hacked, that would be a risk. But the UM’s management is optimistic.

“Van onze wetenschappelijke data is niets verdwenen”

“Van onze wetenschappelijke data is niets verdwenen”

MAASTRICHT. Dreigden er wetenschappelijke data van de Universiteit Maastricht te verdwijnen als gevolg van de cyberaanval van 23 december? De Volkskrant suggereerde vanmorgen (24 januari) dat dat het geval zou zijn, met de melding dat ook de back-up ...

Cyberattack started back in October; Utrecht was secured

MAASTRICHT. The cyberattack on Maastricht University may have only erupted to its full extent on 23 December 2019, the first breach took place more than two months before. This was reported by well-informed sources. Fons Elbersen, interim spokesman for Maastricht University, does not want to comment. “We will give answers to such questions on 5 February, during a special meeting.”

“Those hackers will most likely never be found”

“Those hackers will most likely never be found”

Reports indicate that Maastricht University paid a couple of hundred thousand euro ‘ransom’ to the cybercriminals who locked down the university just before Christmas, and having done so, received the key to gain access to its systems again. Supposedly, the amount was paid in bitcoins, the currency hackers like to deal in. Why is cryptocurrency so attractive for criminals? 

University of Calgary: “We’re a public sector organization and pride ourselves on our openness”

University of Calgary: “We’re a public sector organization and pride ourselves on our openness”

The University of Calgary paid a 20,000 Canadian dollar ransom in bitcoins to hackers after a malware attack in May 2016. In contrast to Maastricht University, which was hit before Christmas and is still recovering, the Canadian colleagues admitted almost a week after the attack that they paid the ransom, as well as releasing the amount paid. Why did they publicise it? And what lessons have been learnt? 

Parliamentary debate on UM cyberattack

MAASTRICHT. ​There is soon to be a parliamentary debate on the cyberattack that hit Maastricht University just before Christmas. The exact date is not yet known. On 5 February, the UM itself will “reveal all” during a public meeting in Maastricht. The hack will be subject of discussion during a private meeting of the University Council today, Wednesday 15 January.

"The question about the ransom will also be answered then”

MAASTRICHT. On 5 February (rather than 6 February, as was initially stated by the Executive Board), Maastricht University will “reveal all” about the cyberattack. During a public meeting, the UM intends to present its findings concerning the ongoing investigation into the hack, and provide answers to (almost) all the questions. That includes the question as to whether a ransom was paid and if so, how much.

Reconstruction of the cyberattack based on facts and plausibility

Reconstruction of the cyberattack based on facts and plausibility

23 December 2019, 19:35hrs. Personnel from the UM’s IT service ICTS notice that various systems are slowing down. The permanent internal crisis team CERT (Computer Emergency Response Team) sounds the alarm. The UM has been hacked. Within an hou...

Eliminating the effects of the cyberattack could take weeks

MAASTRICHT. It could take weeks before all the effects of the cyberattack have been eliminated. But last Monday, education programmes started up again with hardly any problems. On Tuesday, the e-mail system was back online again and the network disks that are so important to researchers, were fully accessible. Sister universities are meanwhile taking additional measures.

“The UM is solid as a rock in times of crisis”

“The UM is solid as a rock in times of crisis”

MAASTRICHT. If there is anything we have seen during this recent cyberattack, said President Martin Paul last Monday at a well-attended New Year’s reception in the Bonnefantenmuseum, it is the community spirit within this university. Some staff...

“Colleagues here at DKE said: “If everything is up and running again within a month, they will have paid”

“Colleagues here at DKE said: “If everything is up and running again within a month, they will have paid”

MAASTRICHT. To everyone’s relief, the e-mail system could be used this Tuesday. But on the first Monday of 2020, that wasn’t possible yet. How did that day go? And what do students and staff think about paying ransom money?

Monday 6 January and e-mail system still not up and running

MAASTRICHT. Monday, 6 January 2020, the first day back after the Christmas holidays, staff and students still cannot use the UM’s e-mail system. There is no access to the Internet and the data files on network disks either. It may take a few more days before all of this is up and running again, the UM announced in Update #12.

Update: Wi-Fi restored; computers allowed to be switched on

Update: Wi-Fi restored; computers allowed to be switched on

MAASTRICHT. Just over a week after the cyberattack targeted at Maastricht University, more and more systems are working again. A (partially) operational Wi-Fi network has been added to the (partially) accessible student portal and Blackboard/Eleum. Students and staff can also use their computers or devices again.

“How long is all this going to take?”

“How long is all this going to take?”

Most students and staff are still enjoying their holidays, but Maastricht University has nevertheless opened its doors again on Thursday, 2 January. After the cyberattack, just before Christmas, the university is trying to inform all those concerned in a variety of ways. As of today, the web-based FAQ list, the dedicated telephone line and e-mail address have been expanded by eight information desks in a number of buildings. Observant went to have a look.

Cyberhack: Maastricht University pays ransom

Cyberhack: Maastricht University pays ransom

MAASTRICHT. Maastricht University, which was hit by a cyberattack just before Christmas, paid the ‘ransom’ to the hackers. In doing so, the key was obtained to make systems accessible again. This was reported by well-informed sources at the UM. No official statements are being given.

Education programmes resume on 6 January, resits will also take place as planned

Education programmes resume on 6 January, resits will also take place as planned

MAASTRICHT. The consequences of the cyber-attack on Maastricht University have been solved to such a degree that education programmes can be resumed on 6 January 2020 as planned. The UM has stated this in a new update on its website. Resits that have been scheduled, will also take place in that week because a number of IT systems necessary for education and students will be back online on 2 January. This includes the UM Student Portal, Blackboard, Eleum and the system that provides access to the study timetables.

UM wants to set up ‘help lines’ for students and staff

MAASTRICHT. Maastricht University buildings will open on Thursday 2 January, no matter what, so even if the consequences of the cyber-attack have not yet been solved by then. Furthermore, ‘help lines’ (on faculty, central and service centre level) will be set up for students and staff who have questions.

More than 250 concerned students and staff e-mail the UM

MAASTRICHT. About 250 employees and students have contacted the university after the cyber-attack on the night of 23 December, using the special e-mail address info@m-u.nl set up for this purpose. The primary questions for them include: Which systems have been affected? How long will all this take? What about my data? Are my exam results safe?

UM has been in contact with cybercriminals

UM has been in contact with cybercriminals

MAASTRICHT. During the night of 23-24 December, Maastricht University was hit by Clop ransomware. About twenty-five people are working every day in two shifts to determine the extent of the cyberattack. It’s unclear how long this will take, says Fons Elbersen, UM’s new temporary spokesperson.

Cyber-attack on Maastricht University

MAASTRICHT. On the night of 23 December, Maastricht University fell victim to a serious cyber-attack with the so-called Clop virus (ransomware). This made access to a lot of scientific data impossible. The e-mail system is down too, and the Student Portal and the library are offline. Exactly how this happened is now being investigated, says spokesman Gert van Doorn.