With the HAW - the Hamburg University of Applied Sciences, another educational institution was hit by a cyber attack. At times, all computer systems and even the university's locks were affected. Things are now under control again.
Shortly before the turn of the year, the cyber attack was carried out on the HAW - the Hamburg University of Applied Sciences. The attack was so massive that the university took everything offline to prevent further damage. To date, however, the damage is still so great that all communication by telephone or e-mail is not yet possible.
HAW: Crisis team coordinates the process
The crisis team, which has been working for days, can probably not give any further information by when the damage will be repaired. The following areas are to be processed with priority: the central identity management system, MS teams as the central communication medium and the electronic locking systems.
The university's website currently serves as the central point of contact for all students. The university has also set up an FAQ area there that answers urgent questions. The school itself states:
“The technical information and communication infrastructure at HAW Hamburg has been attacked. This was established on December 29, 2022. Due to this attack and to avoid further damage, the entire communication infrastructure was shut down as a precaution. This results in drastic restrictions on critical IT services. The restrictions affect the entire university and all its areas. Since the damage assessment is still ongoing, no reliable forecast can be made at this time as to when which IT services will be available again."
HAW Hamburg has convened a crisis management team and involved an IT service provider to support them with forensic investigations and the restarting of the various services.
Encryption points to ransomware
There is still no confirmation that the university has been hit by ransomware and that a ransom is being demanded. But in a statement, encrypted systems and deleted backups are reported.
"According to the current state of knowledge, the attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage. With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started.”
Similar procedure as at the University of Duisburg-Essen (UDE)
The University of Duisburg-Essen (UDE) recently became the victim of a cyber attack, which it is still struggling with. The university provides information on its website about your reboot program and the steps currently running. The refurbishment will take the university months. She too was hit by ransomware and didn't pay a ransom.
Editor/sel
More at HAW-Hamburg.de/cyberattack/