this post was submitted on 28 Aug 2023
49 points (100.0% liked)
Technology
37699 readers
256 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I feel like most big announcements like this end up being Ransomware. Cutting off from the wider internet feels like a weird move to defend/mitigate that? Unless it's to reduce exfiltration?
If enough university hardware was compromised, it could be used combined with their massive bandwidth to springboard into all kinds of attacks.
I remember my university disabled SSH access indefinitely for all students a year before my graduation.
It was pretty sweet while it lasted, but apparently bad actors kept attacking it.
Weird, did they not enforce the use of a VPN if you want to SSH outside the network or was this done by someone on campus?
No VPN was provided for us to use - it was pretty much just connect to port 22 with the university's website as the hostname, from any network.
It was a pretty niche thing as only a few students (including myself) used it remotely, and only a tiny part of the course that included a DBA exercise actually required us to use SSH access an Oracle DB server.
I believe the attacks were carried out external to the campus, but they didn't clarify that to us
That's just straight up bad IT to do something like that.