Skip to main content
Netherlands News in English

Main navigation

  • Top stories
  • Health
  • Crime
  • Politics
  • Business
  • Tech
  • Culture
  • Sports
  • Weird
  • 1-1-2
Image
University of Amsterdam logo
University of Amsterdam logo - Credit: Photo: Wikimedia Commons
Innovation
University of Amsterdam
cyber attack
Blackboard software
security vulnerabilities
cybersecurity
Bram ter Borch
Auke Zwaan
Annelies van Dijk
IT department
Wednesday, 24 May 2017 - 12:30

Share this article:

Opens in a new window Opens in a new window Opens in a new window Opens in a new window Opens in a new window Opens in a new window

Cyberattack could target Univ. Amsterdam via customized Blackboard software

The modified version of Blackboard software used by the University of Amsterdam contains major security vulnerabilities that can easily be exploited by cyber attackers, according to two students at the university who researched this as part of their studies, NU.nl reports.

According to students Bram ter Borch and Auke Zwaan, they shared these vulnerabilities with the university's IT department in May last year, but the department did not do enough to fix the problems. So the students decided to make their findings public.

They found that the modified Blackboard version used by UvA students and lecturers to login has some obvious security risks. For example, after logging in, users are redirected to an unencrypted website, which can easily be taken over by hackers.

Entered passwords are also poorly encrypted and poorly protected. For example, there was no limit on the number of login attempts from one IP address. And you could change your password without entering the old password.

Using their own Blackboard accounts, the two students managed to get hold of a list of details for 143 thousand accounts - including name, surname and email address. Many of these accounts' passwords were the same as the username. With that knowledge Ter Borch and Zwaan could access almost 11 thousand accounts, including a test account that has access to almost the entire Blackboard environment.

The students also managed to install malware on popular pages, such as the introduction page for a particular subject, with which they could take over accounts of the visitors.

In response to the published study, UvA spokesperson Annelies van Dijk said that the Blackboard software was upgraded in the summer of 2016 and regular patches are installed. "With these kinds of updates we try to prevent these kinds of holes", he said accorrding to the enwspaper. Van Dijk acknowledged that not all the vulnerabilities in the study have been fixed, but denies the students' accusation that the university did not take their findings seriously. "It has our continuous attention."

More like this

Image
An offshore windfarm
Russia and China are "intensifying" cyber attacks on the Netherlands, NCTV warns
Image
Burned building at the Maidan in Kyiv, Ukraine
Dutch worried about cyberattacks, war close to home; Less about further-away threats
Image
A man using his laptop and mobile phone to perform cybercrime activities.
AI increases the dangers of phishing and cyberattacks, says Dutch data authority
Image
Illegal Cobra fireworks
New forensic method can prove link between explosive attacks
Make NL Times your top Google source

Follow us:

Latest stories

  • Video: Bullet flies through city bus in Rotterdam shooting
  • Trump administration starts campaign to "isolate" ICC for its "war" on U.S.
  • OLVG hospital in Amsterdam starts trial with late abortions
  • One killed in stabbing on Roermond street; Suspect arrested
  • Netherlands to start military exercises with Ukraine, help design new air defense system

Top stories

  • OLVG hospital in Amsterdam starts trial with late abortions
  • One killed in stabbing on Roermond street; Suspect arrested
  • Netherlands to start military exercises with Ukraine, help design new air defense system
  • Ter Apel asylum center area declared safety risk zone after recent stabbings, fights
  • Suspect in ABN Amro worker's fatal stabbing also harassed four other women

© 2012-2026, NL Times, All rights reserved.

Footer menu

  • Change Privacy Settings
  • Privacy Policy
  • Contact
  • Partner Content