View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 3, 2023updated 28 Apr 2023 9:23am

University of Zurich hit with ‘serious’ cyberattack

The attack on Switzerland's largest university is the latest in a line of hacks on German-language speaking institutions.

By Ryan Morrison

The University of Zurich has become the latest in a long line of German-language institutions to be hit by a cyberattack in recent weeks. The university says it isn’t aware of any data being encrypted or extracted and IT services are continuing to operate as normal following the attack, which took the university’s website offline earlier today.

The University of Zurich says the attack was "professional" and serious but couldn't say the full extent (Photo: Judith Linine/Shutterstock)
The University of Zurich says the attack was ‘professional’ and serious but couldn’t confirm the full extent of it. (Photo by Judith Linine/Shutterstock)

With more than 25,000 students and 3,700 staff, the University of Zurich is the largest in Switzerland with several campuses across the city.  The university says it has strengthened its security measures, describing the attack as “extremely professional” and “serious” despite no clear damage being done so far.

University of Zurich cyberattack could cause ongoing disruption

It has urged students and staff to change passwords, leaned on external support including the Zurich cantonal police and isolated compromised accounts and systems to make it more difficult for the malware to spread.

While IT infrastructure seems largely unaffected by the attack so far, officials warned “individual or comprehensive restrictions of services for security reasons are to be expected at any time and possibly for extended periods” if the situation deteriorates.

This is the latest attack on a German-speaking institution, following several attacks on other universities and health bodies in recent weeks. This included the Vice Society ransomware group’s attack in November on the University of Duisburg-Essen.

Most recently there were ransomware attacks on the Harz University of Applied Sciences and the EUFH European University of Applied Sciences. No group has claimed responsibility for these attacks or the hit on the University of Zurich. It also isn’t clear if there is a reason behind the escalation in the number of attacks.

Growing cyber threat to universities

Attacks on higher education institutions are increasing around the world, including in the UK where Jisc, the not-for-profit education IT service provider in the UK, recently issued new guidelines to improve security on its university network.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Measures it plans to use to reduce the risk of attack include blocking access to its Janet network from outside the UK to Remote Desktop Protocol port 3389, which, according to Jisc has been the route for at least half of the major ransomware incidents since 2020.

Inbound traffic from known and verified IP addresses will be allowed onto Janet, the network for universities and research institutions. Remote Desktop Protocol is used to give users access to physical devices when away from their computer but is often less secure and often only requires a simple username and password.

John Chapman, Jisc director of information security policy said ransomware attacks on the education sector have ramped up globally over the past few years and the impact can be devastating. “Organisations can still opt out of restrictions to specific IP addresses if they wish to, but they must accept the greater risk of a serious cybersecurity incident.”

Read more: Vanuatu is showing small nations how to resist big cyberattacks

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.