Last week’s internet outage due to cyber ‘attack,’ Chief Information Officer says
An “attack” on the University’s network caused a campus-wide internet outage on Jan. 20, affecting various systems and services beginning about 12 p.m. that day, according to a Jan. 20 email to the Brandeis community from Chief Information Officer Jim La Creta.
La Creta said that the attack “flooded the network and prevented data to flow to and from the campus network.” He said this prevented many members of the Brandeis community from accessing internet, LATTE and library services, among other campus systems.
In a Friday email to the Justice, Associate Director of Change Management and Strategic Communications of Brandeis Information Technology Services Christine Jacinto shared a statement from ITS clarifying the incident. Chief Information Officer Jim La Creta and Chief Information Security Officer David Albrecht were involved in contributing to the information in the statement. At approximately 11 a.m. on Jan. 20, Trojan malware created a “denial-of-service attack on a single machine that caused a campus-wide outage of IT resources.” Malware is software that either gains unauthorized access to a computer system or damages and disrupts a computer system, and DoS attacks achieve this by overwhelming the network with information. The Jan. 20 attack “flooded the targeted machine with superfluous requests in an attempt to overload the machine/network.”
The overflow of these “superfluous requests” disrupted the flow of legitimate data requests, which led to the outage of the Brandeis systems, per the statement. ITS was notified of the issue, and the networking and systems team began the triage process and responded to the issue.
“Multiple people were deployed onsite and received support from the firewall vendor to identify the source of the issue. Upon identification of the source — a single machine — it was removed from the network,” the statement said.
By 9:00 p.m. on Jan. 20, ITS confirmed that service across the Brandeis campus was restored. Community members had access IT resources again, and an investigation into the machine by an internal security team began. The statement said that the investigation’s official findings may not be reported to the community for several weeks.
— Clarification: This article was updated to clarify additional individuals involved in writing the ITS statement.