“Earlier in the year, the University Linux servers were breached,” an anonymous PhD student explained. “Staff and PhD [students] were told to delete SSH [Secure Shell] keys from these systems.”
They add “it is very probable that any obtained encryption keys could be used for this later attack.”
“I don't know if this was a problem for the entire University or just the computer science department.”
“The University should have been preparing for a second breach to occur, something that they appear not to have done.”
A spokesperson for Newcastle University denied any Linux systems at the University being breached. If the breach did occur, it was not disclosed publicly by the University.
The person who made the tip was responding to the Courier’s survey on student satisfaction. Owing to the way the survey was set up, they are anonymous even to those who ran the survey.
The survey revealed that only 34% of students are satisfied with Newcastle University. This is in stark contrast to figures from the National Students Survey, which suggests that over 82% of Newcastle students were satisfied with their course.
However, the National Student Survey was conducted between January and April this year, before the cyber attack occurred. The survey conducted by the Courier indicates that 78% of students were dissatisfied with how the University communicated about the cyber attack.
Effects of the attack became visible at the end of August, when students’ University emails temporarily stopped working. Though ReCap, accommodation services and timetabling have since been restored, among other services, the Student Self Service Portal (S3P) is still down.
In an update posted on 23 September, the Newcastle University IT Service said “we may have further unexpected disruption to services over the next few weeks”.
Featured Image: Pixnio