Technische Universität Berlin (TU) has campuses in Berlin and Egypt, as well as offices in other countries. On April 30, they announced that they had become the victim of what sounds like a ransomware attack:
04/30/2021
An attack on TU Berlin’s Windows environment earlier today, 30 April 2021, has caused the University’s system to go down. Encrypted files have thus far been identified. The impact of the attack remains unclear.
To prevent further damage, many systems, including the Exchange server, have been shut down and are currently unavailable for use. We are currently intensively working to limit the extent of the damage, identify the source, and implement measures for additional protection.
Please note:
Users may experience restricted access to a number of services. Updates will be regularly provided here. Further action by TU members is not required. Please note that several systems, including the email server, tubCloud as well as the SAP applications, will remain unavailable during the weekend.last update: 1 May 2021, 22:14
Berliner Morgenposte provides additional background:
Recently, there had been repeated hacker attacks on the Brandenburg school cloud. The servers could no longer process the immense amount of requests and collapsed. The TU, on the other hand, was the target of several hacker attacks last year, which, however, could be repelled. At that time, the attacks were carried out using Windows’ own “Remote Desktop Protocol” (RDP), which can be used to access computers from outside. The security problem does not exist with VPN access.