18/10/2021 – ANNOUNCEMENT BY THE UAB
Following the cyber attack perpetrated one week ago, the Universitat Autònoma de Barcelona would like to express its appreciation for the support received from the various Catalan universities, the government of the Generalitat de Catalunya, and specifically from the Vice President and the Minister for Research and Universities.
This week a contingency plan will be set up in each of the university’s sectors with the aim of attending to urgent and unpostponable needs, and of setting out the stages of transition until the UAB returns to full normalcy. In the case of salaries, we would like to remind all workers that the cyber attack never affected the payment of their wages.
A first version of the preliminary-assessment tool to be used to detect which computers have been infected with the virus is already available, and will first be used with all laptops owned by the UAB. Each centre’s administration office will inform its members of the procedure to be followed with the IT department of their centre or building. After being analysed, all laptops detected as being infected will be identified and all programmes will be reinstalled.
The UAB campus now offers an open wifi service (UAB-provisional) which all members can use, without the need of introducing their student ID (NIU) or password. The wifi will be available to all members of the university community, and all UAB-owned laptops which have passed the preliminary-assessment phase and have not been infected can be logged onto the network.
We are working on recovering all Microsoft applications and plan to have completed this task in approximately two weeks. This will allow members of the university to once again use Teams as a work platform. As an institution, our members should not use alternative, non-corporate platforms, which do not come with a full guarantee of authenticity for students and are not equipped with the adequate security.
Fixing the situation we now find ourselves in and returning to normalcy may take longer than anyone would hope for, and we will only overcome it by working together. Therefore, we would like to thank the whole of our university community for the continuous effort, commitment and dedication shown in this past week.
15/10/2021 6:20 p.m. – Statement by the UAB
The Universitat Autònoma de Barcelona would like to inform its members that the university’s computer services have prepared a preliminary-assessment tool that will determine which of the UAB’s personal computers have been infected by the recent cyber attack.
The computer department has already begun to analyse laptops with the aim of detecting the ones affected by the computer virus. In the UAB’s next annoucement, information will be given on the mechanisms which will be undertaken to analyse the equipment at each centre and services starting on 18 October.
The UAB campus once again offers wifi (UAB-provisional), which only gives access to the internet and is open to all members of the university community. However, it cannot be accessed through any computers on campus which have not yet passed the preliminary-assessment process.
For security reasons, until receiving authorisation through the preliminary-assessment process, none of the computers owned by the UAB should be connected to any network, whether corporate or personal.
We would like to use this opportunity to announce that the Ministry for Health’s Resolution SLT/3090/2021, of 14 October, is now in force, which represents the return to 100% classroom-based lectures.
15/10/2021. STATEMENT BY THE UAB
The Universitat Autònoma de Barcelona denies any and all rumours appearing this morning in the media regarding the cyber attack which occurred on 11 October and a request for a 3-million-euro ransom. The university has not had any contact with the cybercriminals, and any person acting in representation of the UAB is committing an act of identity fraud, which is a punishable offence.
We have no evidence of data leakage caused by the cyber attack. However, the attack has been reported to the Catalan Data Protection Authority as indicated by the security protocol currently in force for public institutions in cases such as this one.
14/10/2021. Announcement by the UAB
In view of the computer attack that took place at the Universitat Autònoma de Barcelona on 11 October, and which has already been reported to the competent authorities, we would like to express our gratitude to all the university staff who are working to restore services back to normal. We would also like to thank the entire university community for its ability to adapt to these adverse circumstances and for the commitment shown at this particular moment.
Our IT services are continuing to work jointly with the Catalan Cybersecurity Agency and a specialised company to determine the extent of this attack. All data must first be recovered, isolated and analysed. Given their high degree of inter-dependence, corporate services will be recovered progressively.
In the meantime, as we cannot yet indicate when a full recovery will be made, we will be proposing alternative technological solutions that can provide a rapid response to the distinct problems that have arisen as a result of this computer attack.
The IT services are developing a specific preliminary-assessment tool for personal computers that will be operational as of Friday 15 October. Further indications on how this tool will be implemented will be made available shortly. For security reasons, until receiving authorisation through the preliminary-assessment process, none of the computers owned by the UAB should be connected to any network, whether corporate or personal.
On Monday 18 October, we will have an independent and provisional wifi network set up on campus; this will provide access to the Internet only. The entire university community will be able to connect to this provisional network, except for computers that have not been authorised following the preliminary-assessment process.
12/10/2021. The UAB resumes its activities on Wednesday 13 October
On Wednesday 13 October the Universitat Autònoma de Barcelona will resume its activities despite the cyber attack perpetrated on the university on Monday. All classes and administrative tasks will resume and be adapted to the current situation. However, the UAB networks and Eduroam services will not yet be available. The UAB Office of Information and Communication Technologies continues to work on reestablishing the virtualisation system and making it fully functional as soon as possible. Students can find more information on the social media platforms of their teaching centres and also through the ICT department’s FAQs
11/10/2021. The Universitat Autònoma de Barcelona suffered a cyber attack of unknown origins on Monday, 11 October.
This cyber attack has affected mainly the university’s virtualisation system, in which a large part of the UAB corporate services are located. This means that at the moment, many of the UAB’s services and applications cannot be accessed or used.
The UAB Office of Information and Communication Technologies has activated the security protocol set up for these situations and has isolated the affected devices, as well as applied preventive measures in order to avoid the spreading of this attack to other computers and systems which have not been affected.
Once the mechanisms of this attack have been determined in detail, the system will be gradually reestablished, all the while guaranteeing the integrity of each service recovered.
We would like to inform all members of our community that the UAB computers will not be connected to the internet all throughout this week. This will affect all activities carried out both on and off campus: teaching, research and administrative tasks.