Hackers target a lot of organizations for many reasons. Some of the most impacted by these attacks are academic institutions and even healthcare, with the most recent victim being the University of Michigan.
UMICH Cyberattack
Both the staff and the student were warned via email that they were required to change their account passwords due to a recent cyberattack. The university refused to disclose information about the attack since it might "compromise important work."
The university's Director of Public Affairs only said that they had no other information they could share on the investigation. As for the things that they did share, students were given a deadline for resetting their passwords the easy way.
UMICH CISO Sol Bermannand CIO Ravi Pendse stated that the community members of the affected accounts will have until September 12 to change their UMICH passwords. The accounts are needed to use U-M Weblogin and U-M managed devices.
The password requirements for the reset are a bit more complex than most. Firstly, it has to be 15 characters or more. It also cannot contain parts of the user's name and surname, and it will be checked against a database of known breached passwords.
Failure reset means that the students and staff who did not comply will not be able to enter their accounts. According to Bleeping Computer, resetting passwords after the deadline will be a much more difficult process through the university's forgotten password recovery procedure.
Several systems were impacted by the cutting of internet connections within the campus including wired internet, Wi-Fi, M-Pathways, eResearch, DART, and all systems used in the student registration process, although Wi-Fi has since been restored.
The University of Michigan's first report on the incident was back on August 28th wherein all its systems and services were taken down. UMICH states that the action was to give their IT teams the space required to address the issue in the "safest possible manner."
Michigan State University Was Also Attacked
It's not a good few months for universities in Michigan. MSU reportedly suffered a cyberattack as well. Just like UMICH, students received an email informing them of the data breach. The attack allows the bad actors to access MSU students' personal data.
It's not the university's system itself that was infiltrated. Instead, two companies that the MSU shares student data with were, according to The State News. One was for verification and research services, while the other provided educational reporting.
The group behind the cyberattack was "CL0P," who used the vulnerability in the MOVEit transfer platform. As proof that the hacker group was successful in stealing the data, they leaked parts of the data online, which follows a threat of releasing everything if a ransom wasn't paid.
Media and Information Professor from MSU, Rick Wash says that they are uncertain about what information the ransomware group managed to steal, or if they will ever release the data. It's said that the amount of data makes it hard for hackers to find which would be dangerous to make public.