University of Michigan’s has its first day of school offline after a cyberattack

As announced on University of Michigan’s (U-M) website, the day before the new academic year, all its systems and services were taken offline to deal with a cybersecurity incident which caused a widespread impact on online services for classes starting the next day.

Starting on Sunday, a cybersecurity incident caused IT outages and disrupted access to wired and WiFi campus internet, vital online services and email. Despite U-M’s IT team’s attempts to restore the impacted systems, the administration felt it was safest to disconnect the U-M network from the internet due to the severity of the event.

  • “We took this action to provide our information technology teams the space required to address the issue in the safest possible manner,” reads the status update from Sunday.

Students rely on the currently offline systems to access class information and to navigate the large campus. Due to the lack of access, various accommodations will be made for students for August.

Emily Phelps, Director, Cyware had this comment:

   “It is a significant decision for any organization to take its systems offline following a cyberattack. For a large university to make this call the day before classes began illustrates the severity of the attack. Whether an organization’s systems are taken down by the attack itself or following the attack to address it safely, the outcome is the same: operational disruption, economic impact, and potential panic. As an industry, we want to enable institutions to move from a reactive to a proactive posture to minimize the need to take their systems offline.”

Dave Ratner, CEO, HYAS follows with this:

   “This attack further proves that no one should consider themselves safe from being targeted. We live in a world where every organization can and will be breached, and the only solution is to focus on proper operational resiliency, business resiliency, and business continuity. As part of this, visibility and observability into anomalies on the network and the early detection of the digital exhaust from a breach is critical so that an attack can be detected, mediated, and rendered inert before widespread damage ensues.  

   “CISA and the NSA don’t just recommend Protective DNS for governments and critical infrastructure — it’s increasingly clear that it is a vital component for every organization and network.”

Education is a high value target in a world where everyone is a high value target to some degree. But they because of being constantly cash constrained don’t often have the resources to make sure that they are fully protected from a cyberattack. That needs to change as this particular attack was pretty crippling. And I can see other attacks at other educational institutions being equally as crippling.

Leave a Reply

%d bloggers like this: