Amsterdam University of Applied Sciences

Updates cyber security

Here you can find the latest updates:

Update 8 March

Accounts blocked for users who have not yet changed their password

On 8 March, ICT Services blocked the accounts of staff and students who have not yet changed their password. You can only gain access to your account by completing the 'Forgot password' procedure at id.hva.nl and id.uva.nl. In order to do this, your personal email address must be registered in the Digital Service Point or Self-service (employees) or in Studielink (students).

Personal email address unknown in the Digital Service Point / Self-service

If you have not entered a valid personal email address in the Digital Service Point / Self-service, please contact the Service Desk at 020 525 1402. They’ll help you further.

Personal email address unknown in Studielink

Haven’t registered a valid personal email address in Studielink? You can change your private email address in Studielink. After a few minutes, you’ll receive an email at your private email address which you can use to complete the 'Forgot password' procedure.

Previous updates

E-mail FGw and services only via VPN

Microsoft has discovered a vulnerability in the mail environment and has made a repair available for it, which will be speeded up by the UvA and the HvA to prevent abuse.

This has consequences for employees of the joint services (ICTS, AC, FS and the library) of the HvA and the UvA and the employees of the Faculty of Humanities (FGw) of the UvA. They are expected to only be able to use email and calendars via a VPN connection up and including Wednesday, March 10.

How can I access my email?

The instructions for downloading and installing the VPN connection can be found here. After installation you can access your e-mail and calendar via Outlook as well as webmail.uva.nl/webmail.hva.nl.

This situation is unforeseen and causes nuisance. There is no relationship with the recent cyber attack, it concerns a worldwide vulnerability in Microsoft's Exchange Servers.

For more information see services.hva.nl.

Please avoid getting locked out of your UvA user account by changing your UvAnetID as soon as possible. If you are one of the more than 80,000 users of the UvA and AUAS systems who have already done so, we thank you for acting so quickly!

If you are having trouble changing your password, please contact the ICTS Service Desk. You can reach the service desk 7 days a week, between 7:00 and 22:00 via +31 (0)20 525 1402.

In this update, we again draw attention to changing your password. More than 70,000 colleagues and students have already done so. Thanks for that!

Have you not changed your password yet? Then do it as soon as possible. At the end of this week, we will block accounts for which the password hasn't been changed after 23 February 2021. Do you have tests to write? Make sure you change your password before March 3.

We realise that this can be a tricky process. Are you stuck? Then contact the ICTS Service Desk. We're here to help daily from 7:00 to 22:00, including on weekends.

When contacting the Service Desk, please allow for some waiting time, especially if you contact us by email.

Teams from the UvA and AUAS are still working hard to resolve the cyber attack. As yet, there have been no major disruptions to education and research, and we hope that these will not occur. All systems are online and usable. The investigation into the attack is at an advanced stage. If you have any questions, please visit the website or contact the ICTS Service Desk.

Deadline approaching: Change your password

As a result of the cyber attack on the UvA and AUAS, it is important that all staff and students change their AUAS ID password.

Are you one of the 26,000 people who have already changed their password? There’s no need to do it again. Thank you for acting so quickly!

Deadline

From 3 March, your current password will no longer work and you will only be able to log in after you’ve changed it. If you have tests to write, make sure to change your password beforehand. After this date, your password will expire and you will no longer have access to systems. You will then have to go through a more difficult procedure to get a new password.

Support

To change your password, go to A Z-list employees or A Z-list students.

If you have any questions about changing your password or if you want assistance, please contact the service desk of ICT Services. This is available daily from 7:00 to 22:00, including on the weekend of Saturday, 27 February and Sunday, 28 February.

E: servicedesk-icts@hva.nl
T: 020 525 1402

As of today, all staff and students who have not yet changed their password will receive reminder emails. It is very important that everyone changes their password in the coming days.

In the meantime, we’re continuing to work hard to investigate and repair the consequences of the cyber attack. The investigation is at an advanced stage. All systems are online and can be used, and there is very limited disruption to education and research.

Want to know more? Check the FAQs.

We are still working hard to limit the consequences of the cyber-attack. All students and staff have now been notified that they have to change their passwords. The call to do so is being well heeded. Several tens of thousands of passwords have already been changed. The ICTS Service Desk is easily accessible and there is very little waiting time. If you haven't changed your password yet, please do so as soon as possible!

The investigation into the attack is still ongoing and at an advanced stage. All systems are online and can be used, there is very limited disruption to education and research.

We are working very hard to repel the cyber-attack. We are closely monitoring all ICT systems and are working hard to clean them up. Investigations have shown that the hackers have access to the encrypted passwords. Despite the encryption, hackers could abuse them. Therefore we ask all students and staff to change their password as a precaution.

If the same password is used for other accounts, such as LinkedIn or DigID, we ask everyone to change the password for these accounts as well.

How do you change your password?

Students and staff will receive an email with instructions. Please note: because the e-mail has to be sent to many recipients, it may take a while before it is received by everyone.
The instructions for changing the password can also be found here.

Questions?

Please consult the daily updates and FAQ for general questions about the cyber-attack. Students and staff can contact the Service Desk ICTS if they have any questions. The capacity of this desk has been greatly increased since Wednesday and it is more readily available from 07:00 to 22:00. There may be a waiting period due to possible heavy traffic.

Contact Service Desk ICTS

HvA: Telephone: +31 (0)20 595 1402. Mail: servicedesk-icts@hva.nl

We’re working hard behind the scenes to limit the impact of the cyber attack. Within ICT Services in particular, employees are working overtime to ensure that education and research can continue as smoothly as possible. The Executive Boards would like to express their thanks and appreciation to everyone who is helping to limit the disruption caused by the attack.

We ask all employees and students to read the updates posted here and to keep an eye on their inboxes. And please stay alert for phishing.

The situation concerning cyber security remains the same as yesterday. Education and research at the UvA and AUAS are currently experiencing very little hindrance from the cyber-attack: all systems are online and available for use.

Education and research at the UvA and AUAS are currently experiencing very little hindrance from the cyber-attack: all systems are online and available for use.

It is now apparent that the UvA and AUAS have been attacked by professional hackers who are looking for financial gain. In response, there was quick and adequate action from the UvA and AUAS Security Operations Centre who detected the hack early, and intervention by the Computer Emergency Response Team (CERT).

The CERT is now examining all the servers and systems that are used by the UvA and AUAS in order to get a complete picture. This will take at least several days to complete

AUAS AND UVA TARGETS OF CYBER ATTACK

The Security and Operations Centre of the Amsterdam University of Applied Sciences (AUAS) and University of Amsterdam (UvA) have found that an unknown third party has gained access to the ICT environments of the AUAS and the UvA. Measures are being taken to minimise the impact and to ensure that education and research can continue to take place unimpeded.

Unavailability of ICT services

We are investigating which areas of our ICT environment are affected. To limit the impact on education and research as much as possible, we will proactively shut down certain systems for a short period of time. While they are shut down, the systems and the information contained there will not be available. We understand that this is inconvenient and will try to limit it where possible.

Information is available via uva.nl and amsterdamuas.com, or services.hva.cloud and services.uva.cloud

In the interests of the investigation we cannot share any background information or details about the scope of the attack. You can find the latest information on uva.nl and amsterdamuas.com or on services.hva.nl or services.uva.nl , including updates on any further consequences, and if applicable, what actions you can take.

Be extra aware of phishing

Phishing emails are currently circulating that play into the cyber-attack. Attackers are trying to take advantage of the current situation. They send emails to employees and students, supposedly from the AUAS or the UvA, with the request to check the account or change the password. We ask you to be extra alert.

What do you have to pay attention to?

  • Check the address carefully: does this email actually come from the sender?
  • Check whether the link in the email refers to a reliable web address, for example by hovering your mouse over the link.
  • Only open an attachment if you expect to receive a file from this sender and if the attachment seems trustworthy. If in doubt, call the sender and ask them if they have indeed sent this email including an attachment. Pay extra attention to zip-files.
  • Be wary if you are asked to activate Office macros. This is most likely the wrong thing to do.
  • Please inform the ICTS Service Desk if you receive any suspicious emails. Our employees are available on working days from 8:00 until 18:00.

E: servicedesk-icts@hva.nl
T: 020 525 1402

See also the infographic below

Published by  Communication 9 April 2021