Hacker had broad access to Eindhoven University's network for days in January

The hacker who was caught carrying out a cyber attack on the Eindhoven University of Technology (TU/e) in January had undetected and broad access to the university’s network for days, NOS reports from a technical investigation carried out by Fox-IT. The cybersecurity company was unable to identify who was behind the attack

The investigation showed that the hacker logged into the TU/e network on January 6. The university only noticed around 10:00 p.m. on Saturday, January 11, when the hacker tried to give themself far-reaching rights for managing the network. At 1:00 a.m. on January 12, when the hacker tried to disable the backups, the university pressed the emergency stop and took the internal network offline for a week.

According to the investigators, the university barely escaped a massive disaster. The hacker had extensive access to the network. They were able to snoop around, search for files, download files, or take the entire system hostage in a ransomware attack.

Luckily, the university noticed when the hacker tried to disable the backups - a typical move in a ransomware attack - and took down the network. In a ransomware attack, the attacker blocks access to a network or database. The victim has two options: restore the backup or pay the ransom to regain access to their files. These types of attacks are, therefore, much more successful if the victim has no backup.

The cyberattack left education at TU/e virtually paralysed for a week. Students couldn’t access their study materials or emails, resulting in canceled classes and postponed exams, among other things.