IIT-Madras (IIT-M), India’s premier technical university, faced a cyberattack, which resulted in a takedown of its email services and servers. The type and extent of the cyberattack are not certain but for technical assistance and expertise, IIT-M onboarded Microsoft. The move was made considering that majority of the affected servers and systems on the University campus are run on Windows.
On February 17, 2020, the email services of employees and students of IIT-M were disrupted as they were unable to send or receive emails. Soon a server-related dysfunction was found to be the cause. But this dysfunctionality showed traces of a cyberattack targeted towards the Windows-based systems and network of the University. Thus, without wasting much time Microsoft was called upon to join the team of senior officials at IIT-M investigating the incidence for an additional set of expertise.
Fortunately, the University had a risk mitigation plan in place following an increased number of cyberattacks and hacking attempts in the recent past. This meant that a backup for the University’s email system, just prior to the attack, was available with IIT-M’s network administrator. Owing to this, the S-mail services, which is an internal email service for the University’s students, were restored by the evening of February 20, 2020. The faculty’s Outlook email services though were still in the process of restoration.
Educational institutions have seen a steep rise in cyberattacks as it has a larger number of systems (computers) connected on a single or interconnected network(s) and comparatively less security as compared to business and enterprise networks. One such identical incident is the ransomware attack on the Maastricht University in the Netherlands.
Maastricht University Ransomware Attack
The massive ransomware attack that hit the Maastricht University just two days before Christmas 2019 took down almost all Windows systems at the university and particularly affected the University’s email services. In order to contain the damages and complete the ransomware attack analysis, the University itself took down all its systems. The Maastricht University eventually ended up paying the ransom amount of 30 bitcoins amounting to US$220,000 (€200,000) for unlocking the systems and servers compromised during the ransomware attack.