Cyber attack on RU - Q&A
What happened?
A cyber attack was carried out on the university's systems. This was a case of ransomware where a portion of the data was encrypted (locked with encryption), and a ransom was demanded. It has been decided to rebuild all computer systems from scratch, which is the course of action recommended by Syndis cybersecurity experts following a ransomware attack.
The most skilled cybersecurity experts have been working tirelessly to enhance the security of the systems, with two-factor authentication being one part of this effort.
My data and access to RU systems
Is my data lost?
The most critical RU data are accessible to the university. There are no signs of significant data theft, although partial data theft cannot be ruled out. To ensure the security of RU systems, all systems were shut down as a precautionary measure. Since a portion of the university's data was encrypted by the attacking group, it is still being analyzed whether data has been lost. RU will inform all potentially affected parties of the progress as soon as information is available.
May I expect confidential data, emails, or other information to be leaked online?
Initial investigations do not indicate that data was downloaded, and the risk of data leakage is not considered imminent at this time. An investigation is ongoing. However, it is known that such attacking groups target encrypted passwords and email addresses, along with people's names and social security numbers, making it necessary to change passwords and set up two-factor authentication for all accesses.
What about my RU email?
Student emails are hosted in Microsoft's cloud solution, and it was decided to take that system down as a precaution after the attack was made. All older emails and other data will be accessible after password changes.
When is it expected that systems, such as the Internet and email, will be restored?
The internet in the building has been restored. The network is RU Students, with the password menntavegur.1. Student email should be working, but a new password and authentication are required.
What about my access to RU systems?
For security reasons, every student must receive a new password to access the university's systems. Monday morning, February 5th, an SMS was sent to those students located in Iceland and who have a registered phone number in the university's systems with a new password along with authentication instructions. Not all students have a registered number, so not everyone will receive an SMS. Students who wish may also visit the RU service desk with valid identification from 8:00 to 20:00 on Monday, February 5th, and Tuesday, February 6th, in room V102. There, student access will be activated with a new password and two-factor authentication. It is not necessary to reconfigure student computers due to the cyber attack.
What should I bring to the university on Monday, February 5th?Identification (a driver's license in the wallet on your phone is okay)
As two-factor authentication needs to be activated, it would be good to have installed the Microsoft Authenticator app on your phone.
How do I set up two-factor authentication?
Instructions for setting up Microsoft Authenticator can be accessed here: https://www.microsoft.com/en-us/security/mobile-authenticator-app
When will the special service desks of departments be open?
From 8:30 to 17:00 on Monday, February 5th.
Teaching, exams and graduation
How will teaching be conducted, and should students attend university?
Teaching and other operations will commence on Monday, February 5th, as planned, though in some cases in a modified format.
Will exams scheduled for the coming days be held?
Service desks will be available in each department of the university where students can come and discuss many of the issues undoubtedly concerning them, such as exams, assignment submissions, and essays.
Is the graduation ceremony next weekend still scheduled?
Yes, the graduation will be held on Saturday, February 10th.