On the eve of classes starting for the fall term, the University of Michigan has decided to cut the internet connection of all campuses.
The University of Michigan has more than 30,000 students and has a very large hospital with over 550 beds on its main hospital campus.
It will be interesting to see what prompted the securing of the network. Was this just focused at the hospital, students, or both? Only time will tell.
Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet.
I feel like most big announcements like this end up being Ransomware. Cutting off from the wider internet feels like a weird move to defend/mitigate that? Unless it’s to reduce exfiltration?
If enough university hardware was compromised, it could be used combined with their massive bandwidth to springboard into all kinds of attacks.
I remember my university disabled SSH access indefinitely for all students a year before my graduation.
It was pretty sweet while it lasted, but apparently bad actors kept attacking it.
Weird, did they not enforce the use of a VPN if you want to SSH outside the network or was this done by someone on campus?
No VPN was provided for us to use - it was pretty much just connect to port 22 with the university’s website as the hostname, from any network.
It was a pretty niche thing as only a few students (including myself) used it remotely, and only a tiny part of the course that included a DBA exercise actually required us to use SSH access an Oracle DB server.
I believe the attacks were carried out external to the campus, but they didn’t clarify that to us
That’s just straight up bad IT to do something like that.
I hope they are transparent about the reasons for this outage after they have resolved the issue(s)