The Amsterdam institutions have drawn lessons from what happened at Maastricht University at the end of 2019, according to a UvA page with FAQs about the hack. An unprecedented attack on the ICT systems brought education and research there to a complete standstill at the time. Maastricht University felt they had no choice but to pay a ransom of almost € 200,000.
Has a ransom demand been made in Amsterdam? That was certainly the hackers’ intention, but “it hasn’t come to that, at least not yet”, according to UvA. After the attack in Maastricht, a special security centre was set up and a computer emergency response team was established. In addition, users now often have to go through multiple steps to log in. A spokesperson for HvA talked about a ‘line of defence’ in student magazine Folia.
And this line of defence seems to be doing a good job: education and research have so far experienced only minor disruption from the attack. ICT staff are working on this round the clock behind the scenes, UvA reported in an update.
However, the institutions warn that phishing emails with fake measures against the hack are currently circulating. These emails ask students and staff to check their accounts or change their password for security reasons.
An investigation into the cyber attack is underway, which is why neither of the institutions is willing to give further details at the moment. However, they do emphasise that there is no connection with the recent hack of the Dutch Research Council (NWO). This has also been confirmed by the research financier itself.
“There were messages circulating calling for email attachments and files received from NWO to be discarded as a precaution because they could infect other systems or computers”, a spokesperson explained. “But these incidents are unrelated. What is happening now at UvA and HvA has nothing to do with our hack.”
She cannot say much more at the moment either. NWO, like UvA and HvA, has launched an investigation and has published a list of FAQs.
HOP, Evelien Flink