Universities across the UK have reported problems with their internet connections following a cyber attack on the Janet computer network.
Jisc, which operates the network on behalf of UK higher education providers, reported a distributed denial of service attack on 7 December and made progress towards stabilising the system, but then reported a further series of attacks which continued into 8 December.
Initially, the problems were reported to be affecting Janet users in the Manchester area, but it then became clear that the UK-wide network was affected.
Read more: Decision to back Jisc ‘should be a no-brainer’
A post on the Jisc Major Incidents Twitter feed said that the organisation suspected that the hackers behind the attack were “adjusting their point of attack based on our [T]witter updates”, forcing it to keep members informed directly.
The latest updates from the account said that there had been “some improvement” in performance, but that services were “still at risk”.
Higher education institutions across the UK use the Janet network, which supports the .ac.uk and .gov.uk domains, as well as the Eduroam wi-fi network used at many universities.
Andrew Smith, a senior lecturer in networking at The Open University, described a DDoS attack as “probably one of the oldest tools in the arsenal of attacks that come from cyber criminals”.
“In straightforward terms, attackers have lined up an army of malware compromised computers and have primed them to attack Janet,” he said. “Janet is used by many universities and colleges in the UK. While our security is good, having thousands of computers around the world all sending useless data to one system will flood it and will slow it down.
“Each compromised computer will send a small amount of data, nothing that you would notice and normally in keeping with the typical internet traffic behaviour expected by your broadband provider. However, when this is multiplied by tens, hundreds and thousands of computers – the deluge becomes unmanageable as this restricts our ability to receive internet traffic which would also come in via the same connection.”
Mr Smith said the reasons for the attack were unclear.
“Why do hackers use DDoS, it may be to cover another attack?” he said. “Or it may be to simply be disruptive and damage our ability to carry out our normal academic activities? At this current time, we do not know.”
Jisc said its engineering team and security team was continuing to work hard to “ensure s normal service is resumed as soon as possible, and to reduce the impact of future attacks.”
Tim Kidd, executive director, Jisc technologies, said: “We understand the importance of connectivity to colleges, universities and other public sector organisations. We are doing everything in our power to ensure normal service in resumed as soon as possible, and in the meantime to minimise any disruption that users of the Janet network may be experiencing. We apologise for any inconvenience caused.”
