umich.edu

fwygon , 10 months ago to technology in Temporary Internet Outage on All U-M Campuses

I hope they are transparent about the reasons for this outage after they have resolved the issue(s)

Swimmerman96 , 10 months ago to technology in Temporary Internet Outage on All U-M Campuses

Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet.

I feel like most big announcements like this end up being Ransomware. Cutting off from the wider internet feels like a weird move to defend/mitigate that? Unless it’s to reduce exfiltration?

conciselyverbose , 10 months ago

If enough university hardware was compromised, it could be used combined with their massive bandwidth to springboard into all kinds of attacks.

lemann , 10 months ago

I remember my university disabled SSH access indefinitely for all students a year before my graduation.

It was pretty sweet while it lasted, but apparently bad actors kept attacking it.

lckdscl , 10 months ago

Weird, did they not enforce the use of a VPN if you want to SSH outside the network or was this done by someone on campus?

lemann , 10 months ago

No VPN was provided for us to use - it was pretty much just connect to port 22 with the university’s website as the hostname, from any network.

It was a pretty niche thing as only a few students (including myself) used it remotely, and only a tiny part of the course that included a DBA exercise actually required us to use SSH access an Oracle DB server.

I believe the attacks were carried out external to the campus, but they didn’t clarify that to us

LunarticBot , 10 months ago

That’s just straight up bad IT to do something like that.