Canadian University Shuts Down Entire Network After Mining Attack
Last week St. Francis Xavier University in Nova Scotia, Canada reportedly shut down its entire computer network for four days due to an attempted mining attack.
— Catalin Cimpanu (@campuscodi) November 7, 2018
Entire Network Brought Offline
An official statement published on the university’s website on Nov. 4 stated they were bringing their network slowly back online after an attempted crypto-jacking. The statement read:
“On Thursday, ITS, in consultation with security specialists, purposefully disabled all network systems in response to what we learned to be to be an automated attack on our systems known as ‘crytpocoin mining.’”
It went on to add:
“At this time, there is no evidence that any personal information within our network was breached, however, ITS will continue to analyze and monitor for suspicious activity in the days and weeks ahead. ITS has also implemented heightened security measures in response to this event.”
University officials also required students and faculty to change their passwords following the incident to regain access to campus resources.
The breach interfered with access to email accounts, WiFi, debit transactions, online courses, and storage drives hosted on the school’s network comprised of 150 servers, according to Canadian news outlet CBC.
An Ongoing Cyber Threat
A spokesperson for the university said they’d never seen a cyberattack like this before, but it marks the latest in a string of attempts to hijack the computing power of others and bend it toward mining crypto.
In most cases, crypto-jacking of host computers occurs via phishing schemes designed to covertly install illicit mining malware on unsuspecting machines. CryptoSlate reported in September that hackers were using the Eternal Blue vulnerability in old Windows systems to illicitly mine Monero. More sophisticated schemes actually install legitimate software on the host computer, like a fake Adobe Flash updater that actually installs the program, but runs crypto-jacking malware in the background.
In most cases of such cyber attacks, poor “digital hygiene” is to blame. Old systems go unpatched or without important security updates. Employees click on emails from senders they don’t recognize. The end result is a largely avoidable cyberattack that can, in cases like this one at St. Francis Xavier, mean the disruption of important systems.
Institutions like this with large networks make attractive targets for crypto-jackers, as they stand to gain more computing power from a single attack. For its part, the university says it will be stepping up its security measures.
“We will be investigating opportunities like increasing our sensitivity settings within our security systems,” said St. Francis Xavier spokesperson MacKenzie in an interview with CBC. “We’ll also be looking into taking old systems offline.”