UM holds crisis meeting on new security leak

UM holds crisis meeting on new security leak

"We worked through the weekend to trace any weaknesses"

14-12-2021 · News

‘No, not again,’ some ICTS staff will have thought last week, when a security leak was discovered in the Java software that makes institutes and businesses vulnerable to ransomware. The attack two years ago - also in December – is still fresh in everyone’s mind. The UM therefore organised a crisis meeting last Friday afternoon.

“We were extremely shocked,” says security officer Bart van den Heuvel. “We often hear that vulnerabilities have been discovered, but this is really serious. In particular because this is interwoven in the infrastructure and in a lot of programs.”

The leak also appears to be easy to abuse. Hence, the National Cyber Security Center (NCSC) is assuming that criminals are ready and waiting to gain access to businesses and institutes. Or worse, have already gained access. 

That is why the "UM’s entire IT column" already jumped into action on Friday. Van den Heuvel: "We drew up a defence plan, we worked through the weekend to trace any weaknesses. IT staff went in search of a specific module in the Java software within the faculties and service centres, to find out where the leak is. It concerns software that creates ‘log files’ on servers, which track who is accessing the computers and why."

The software is hidden in dozens of places within the UM, but there is still no complete overview, says Van den Heuvel. “We did update the most important software and systems on Friday and Saturday. We think that practically everything is in order, but there is no such thing as a 100 per cent guaranteed IT security. It is imaginable that criminals slipped in before the repairs, and will only hit the target weeks later. Anyway, since the last hack we have a 24/7 security service, so if things go according to plan, we can detect these kinds of suspicious manoeuvres quickly."