Threat Watch

Ruhr University Bochum Hit in Cyber Attack

Ruhr University Bochum (Ruhr-Universität Bochum) in Germany announced yesterday that it had to shut down a large portion of their IT infrastructure due to a cyber-attack that occurred between the night of May 6th and morning of May 7th. While many of their services including Exchange and VPN are currently unavailable, the university said that digital teaching was able to continue without disruption. In a later update, the university said that its IT team is currently working with a third party to assess the type and extent of the attack. Future updates can be found on the Ruhr University Bochum homepage.

ANALYST NOTES

Ruhr University Bochum currently recommends faculty and students limit their use of Windows applications to only necessary communication applications until further notice. They are also asking that no attachments from recent email be opened as a precaution and that Microsoft Office document files should not be sent by email. Malware distributed via malicious document files sent through email is a common attacker technique that has been extremely effective to compromise Windows workstations. Managed security solutions such as the Binary Defense Security Operations Center can monitor servers and workstations 24/7 to quickly detect and stop attacks before they spread.

Sources: https://news.rub.de/english/2020-05-07-digital-teaching-continues-rubs-it-infrastructure-down

https://news.rub.de/english/press-releases/2020-05-07-digital-teaching-continues-cyber-attack-ruhr-universitaet-bochum