The University of Zurich, Switzerland’s largest university, announced on Friday it was the target of a “serious cyberattack,” which comes amid a wave of hacks targeting German-speaking institutions.
The university’s website is currently inaccessible, but the phone line to the press office is working. In a statement sent to The Record, a spokesperson described the incident as “part of a current accumulation of attacks on educational and health institutions.”
Explaining this accumulation, they cited “several attacks” that “have been carried out on universities in German-speaking countries in recent weeks, resulting in suspension of their IT services for extended periods of time. The attacks are usually carried out by compromising several individual accounts and systems.”
The identity of the attackers and nature of the attack was not disclosed. The university said it was conducted by perpetrators “acting in a very professional manner.”
Last month the Vice Society ransomware group claimed responsibility for a November attack against the University of Duisburg-Essen in Germany.
More recently, within the past week, the Harz University of Applied Sciences in Saxony-Anhalt, Ruhr West University, and the EU/FH European University of Applied Sciences all announced being impacted by cyberattacks.
No group has yet claimed responsibility for these attacks.
The University of Zurich, which has more than 25,000 students and 3,700 academic staff, has a number of campuses across the city of Zurich. It is not yet clear what impact the attack has had on academic work.
In its statement, the university said it “immediately stepped up measures and countered the attacks with internal resources as well as external support. Accounts and systems identified as compromised have been isolated and access in general has been made more difficult.”
According to the statement, the university is not aware of any data being encrypted or extracted. “Nevertheless, the relevant organizations (i.e. data protection offices, cantonal police, other universities and partner organizations) have been informed and involved,” it adds.
“As there are no indications of an intrusion into more protected zones and systems, thanks to the measures taken, our IT services can continue to be used by university members for the time being. However, individual or comprehensive restrictions of services for security reasons are to be expected at any time and possibly for extended periods.”