Recovery after cyber attack
The heart of the Windows server landscape is back
Following the restart of the new Active Directory, users now have once again access to additional services.
After the cyber attack on RUB, the Windows-based network had to be temporarily shut down for security reasons. The central component of the network, the so-called Active Directory, has now been rebuilt by the IT Services team, and upgraded security measures have been implemented. In future, these measures will prevent the network being compromised the way it was following the attack on 7 May 2020.
On 2 June 2020, the new Active Directory was launched. It manages all objects in the Windows network, such as users’ computers, servers, printers and other devices. It gives the network its structure and manages rights. The Active Directory ensures, for example, that certain users have access rights to certain folders and files or can control certain printers and scanners, while other files and devices are invisible or unusable to them.
Access to folders and files
Following the restart of the new Active Directory, users connected to the IT-Services central file services have once again access to folders and files on the network drives. No data has been lost as a result of the attack.
Individual users may still have problems accessing the network at present, for a variety of reasons. It can often help to set a new password in the RUB Identity Management or to reset the new password – if it is new and sufficiently secure. File servers that are managed in the decentralised unit are restarted by the respective network administrators.
Additional services are back
Following the restart of the Active Directory, other services have become available once again, in addition to the network drives; those include printers and scanners, which are controlled via the network on the RUB campus. The central service of IT-Services for Software Distribution (ACMP) – accessible via the green help button on the desktop – is likewise back, with some limitations. More services will follow step by step.
Logging in at office computers with a new password
From 2 June, users who use their old password with their RUB loginID to log in at their RUB office computers might receive an error message. They must use their new password instead. Logging in and out with the new password may take longer than usual.