January 18, 2016

University’s VPN Target of Second Attack

By Alex Ward   

The University’s Virtual Private Network (VPN) service experienced an attack on January 8, following similar attacks earlier in the week.

cVPN, UChicago’s VPN provider, allows off-campus users to remotely and securely connect to the University’s Internet system. Beginning on January 6, the network came under attack from an unknown entity. While the attack was resolved by the next day, another attack began at about 5:30 a.m. on January 8. The second attack was also stopped by the end of the day, and by Monday, January 11, the University’s Information Technology Services (ITS) department confirmed that the attacks seemed to have ended for the time being.

ITS described the problem as a denial of service attack, in which an external source prevents users from accessing a network. During the attacks, some users experienced reduced performance or were initially unable to connect to the University’s network.

Some locally hosted University websites began experiencing performance issues on January 8. These issues were apparently unrelated to the VPN attacks and continued until Thursday of last week. As of Thursday, “ITS engineers successfully migrated [their] hosted websites to a different storage solution,” according to an email notification sent out by the department that Thursday.

According to ITS, the problems have been resolved, though staff are continuing to monitor the situation to ensure that no further issues arise.

Comments have been closed.