The University of Michigan has recently restored internet access to its Ann Arbor, Dearborn, and Flint campuses following a cybersecurity incident that occurred over the weekend. The university had severed its networks from the internet due to what was described as a “significant security concern” by university officials.
University president Santa J. Ono addressed the situation in a statement, acknowledging that there may still be some issues with certain U-M systems and services in the short term. However, he assured the university community that these issues would be resolved over the next few days as the remediation efforts continue. Ono also emphasized that the investigative work into the security issue is ongoing and that no information compromising the investigation can be shared at this time.
To address the incident, the university is working closely with federal law enforcement agencies, collaborating with them to investigate the nature and extent of the cybersecurity breach. It is expected that their expertise and resources will contribute to a thorough examination of the incident.
The incident response and defense measures taken by the University of Michigan has garnered praise from industry experts. Tom Marsland, VP of Technology at Cloud Range, commended the university’s IT and cybersecurity teams for their preparedness and swift action in severing their systems from the internet and conducting the necessary restorations. Marsland highlighted the importance of making tough decisions outlined in incident response plans promptly, especially given the scale of the university’s enterprise network and the large number of students it serves.
Emily Phelps, Director at Cyware, acknowledged the challenges and costs associated with incident response, including opportunity costs. The decision to take systems offline following a cyberattack is a significant one for any organization, and the fact that the University of Michigan made this call on the eve of classes is a testament to the severity of the attack. Phelps stressed the need for institutions to adopt a proactive approach to cybersecurity to minimize the need for system shutdowns.
Dave Ratner, CEO of HYAS, emphasized that no organization can consider itself immune to such attacks. He urged organizations to prioritize operational and business resiliency and continuity to mitigate the impact of breaches. Ratner also highlighted the importance of early detection and response to anomalies and recommended the use of Protective DNS as a vital component for organizations and networks.
In conclusion, the University of Michigan has successfully restored internet access to its campuses after a cybersecurity incident. The response and defense measures taken by the university have been commended, and experts stress the need for organizations to adopt proactive cybersecurity measures to minimize operational disruption and economic impact. The investigation into the incident continues, with the university working alongside federal law enforcement agencies to determine the full extent of the breach.