King’s College London internal memo cops to account ‘compromise’ as uni resets passwords
Exclusive King’s College London has suffered an IT worry but this time not of its own making – yesterday it warned staff and students that some accounts have been “compromised” due to an apparent brute-force attack on password systems.
The Register has been informed that the raid, which has been ongoing for several days, originates in China and is targeting accounts on the university’s Microsoft Office 365-hosted systems.
The attack comes just days after penetration testers from academic IT outfit JISC revealed that every single university they phished during a test exercise fell for the ruse.
End users at KCL have noticed problems with accessing their university email account using certain clients as security was being beefed up, forcing administrators to issue a memo and explain what is happening.
The KCL missive seen by The Register coyly admitted to the attack, informing some KCL account holders that their passwords had been reset by uni IT bods after the intrusion.
King’s College London staggers from outage, replaces infrastructure services head
The memo then offered some of the usual security advice – use multi-factor authentication, use the KCL standard operating environment and not some comedy homebrew setup, so on, and so forth. The unusual mention of accounts “about to be compromised” suggests a brute-force or dictionary attack.
As this stage, there have been no reports of an actual breach, damage or loss from this specific incident, aside from the typical mild dose of inconvenience and irritation.
We have asked the London university for a statement of what has happened and will update this article when we hear back.
As regular Reg readers might know, KCL suffered a mega-outage in late 2016 – which saw the near-immediate departure of the university’s head of infrastructure. A single HPE 3PAR appliance which was propping up the entire university’s IT estate decided to put its feet up for a change, as an internal report revealed. ®
Sponsored: Cloud Security: From Start Point to End Point
READ MORE HERE