The University of Michigan experienced an internet outage on August 27th that affected students, faculty, and staff across all three campuses just as the fall semester was kicking off. The outage began at approximately 1:40 p.m. and lasted for several hours.
The university said that the outage was caused by a "significant cybersecurity concern," but it did not provide any further details about the nature of the threat.
The outage affected access to a variety of university systems, including email, Canvas, and Wolverine Access. Students and faculty were also unable to connect to the internet on their personal devices. Students and staff expressed frustration trying to connect to Wi-Fi via their mobile phones and not being able to get in contact with friends, family, and loved ones.
The university said that it is working to investigate the cause of the outage and to restore service as quickly as possible. In the meantime, it has provided students and faculty with instructions on how to access essential services via alternative methods.
The university has said it will provide updates on the situation as they become available. In a statement, University of Michigan President Santa Ono said that the outage was "a major inconvenience" for the university community, and that the university is taking the incident "very seriously" and is working to prevent it from happening again.
The outage is the latest in a series of cybersecurity incidents that have affected universities in recent years. In 2022, the University of California, Los Angeles (UCLA) was hit by a ransomware attack that affected its IT systems. And in 2021, the University of Texas at Austin was hit by a phishing attack that led to the theft of personal information from students and faculty.
Cybersecurity experts are saying that the University of Michigan incident is a reminder of the importance of staying vigilant against cyberattacks.
"This incident is a reminder that no organization is immune to cyberattacks," said David Derigiotis, Chief Insurance Officer at Embroker. "Universities are increasingly reliant on technology, and they need to take steps to protect their systems."
Kevin Beaumont, Cybersecurity Analyst at Malwarebytes, said: "The University of Michigan incident is a wake-up call for all universities. They need to take their cybersecurity seriously and implement the necessary measures to protect their systems."
John Bambenek, Principal Threat Hunter at Netenrich, added: "This incident shows that even the most well-resourced organizations can be targeted by cyberattacks. Universities need to be proactive in their approach to cybersecurity and have a plan in place to respond to incidents."
Universities have a wealth of valuable data, such as student records, research data, and financial information. Hackers can use this data to commit identity theft, fraud, or other crimes.
Universities can take the following steps to protect themselves from cyberattacks:
- Implementing multi-factor authentication: MFA requires users to provide two or more forms of identification to authenticate themselves, such as a password and a code sent to their phone. This makes it more difficult for hackers to gain unauthorized access to accounts.
- Regularly updating software: Software updates often include security patches that can help to protect systems from known vulnerabilities. It is important to keep software up to date to minimize security vulnerabilities.
- Training employees on cybersecurity best practices: Employees and end-users should be trained on how to identify and avoid cyber threats. This includes training on how to create strong passwords, avoid clicking on suspicious links, and report suspicious activity.
