Stolen passwords
Hackers stole the 'keys' to TU Eindhoven
Photo: WIkipedia
Cyber security guards at TU Eindhoven spotted intruders on their network about two weeks ago, in the middle of the weekend. They shut down the entire network to keep the intruders from stealing any data. De Volkskrant now reports, based on anonymous sources, that the hackers got inside using stolen "keys". They had the passwords of a student and an employee of the university.
Phishing
It is common for passwords to be stolen or leaked through phishing messages. Joint ICT organisation Surf says that most educational institutions in the Netherlands use two-factor authentication to prevent people with stolen passwords from getting into their networks. This means students and staff must confirm their identity on their smartphones before being allowed to log in. This is done through specific apps or additional security codes.
TU Eindhoven doesn't yet know if the hackers cracked that second step. It is possible that not all of the university's applications were secured with two-factor authentication.
Information shared
According to De Volkskrant, TU Eindhoven has shared information about the hack with other educational institutions. As a result, Radboud University announced last week that it has accelerated the introduction of two-step authentication on a specific application called EduVPN. Many other applications used by that university already required users to enter an additional code when logging in.
EduVPN is an application from Surf that allows people working from home to connect to the university's network. It is up to each university to decide how strict the security will be on the application, explains Surf spokesperson Tom Hoven. "Our advice to institutions is to assess the risks. Universities know where they store their sensitive data, so it is up to them to decide where to use two-factor authentication."
Last Monday, TU Eindhoven's network was functioning properly again and their teaching resumed in full. The university has hired FoxIT to investigate the hack further. The police are also involved, reports their university magazine, Cursor. The university plans to publish its takeaways about this incident in April.