University Cuts Itself Off From Internet After Mystery Security Snafu

Updated The University of Michigan has isolated itself from the internet but, hey, everything’s fine!

The institute’s president on Tuesday published a letter to the school community thanking everyone for their patience as technical staff work to restore internet access following an undisclosed security incident.

“The loss of internet access and other business functions across the University of Michigan community cast an unfortunate cloud over an otherwise sunny and glorious start to the academic year,” said Santa Ono, President of the University of Michigan, in his letter.

“Despite this setback, our campuses were alive Monday with a wide array of activities as students greeted each other, faculty members took their places in classrooms and researchers returned to their labs across our three-campus community.”

They did so without wired or wireless access to the US school’s network, relying on mobile devices with cellular connections and other external network services.

Students initially reported being unable to access services that required University of Michigan authentication, such as Canvas and Gmail. However, the school said on Monday that services including Google, Canvas, Zoom, Adobe Cloud, Dropbox, Slack, and other systems were functioning and accessible with UoM authentication via off-campus and cellular networks.

A University of Michigan spokesperson confirmed to The Register that while the authentication system was restored Monday, allowing students and staff to login to some school resources, network services continue to be impaired – to put it politely.

The spokesperson declined to provide further information about the cause of the incident, citing Ono’s statement that the school is unable to share further information that might compromise the ongoing investigation.

“The investigative work into the security issue continues. As noted in Monday’s message to the community, our U-M Division of Public Safety and Security and federal law enforcement partners are involved in this investigation,” said Ono.

The school initially reported network troubles on Sunday and on Monday took the unusual step of shutting down network access, just as the school year was starting the academic year. According to the Detroit Free Press, the shutdown has affected about 120,000 students, faculty, and staff across the university’s Ann Arbor, Flint and Dearborn campuses.

“Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet,” said Ravi Pendse, Chief Information Officer, Sol Bermann, Chief Information Security Officer, and Andy Palms, Executive Director of Infrastructure on Monday. “We took this action to provide our information technology teams the space required to address the issue in the safest possible manner.”

According to the Detroit Free Press, the University of Michigan hospital and health system websites were among those targeted in January by a pro-Russian hacktivist group. However, no public information that we’re aware of suggests the current incident is related. ®

Updated to add

On Wednesday, the University of Michigan announced that internet service has been restored on all campuses, and reiterated that no information would be provided about the “security issue” while the investigation is underway.

READ MORE HERE