University of British Columbia hit by brute force cyberattack

    1 of 1 2 of 1

      The University of British Columbia issued an alert on April 14 that a brute force cyberattack had been launched against the school's identity management infrastructure.

      The attacks, from outside UBC, were targeting a vulnerability in the system that enabled direct remote access to PCs, servers, and mobile devices using Remote Desktop Protocol.

      In response, the university shut down off-campus access to RDP. (Remote access remained possible through other non-RDP university networks.) A forensic analysis was being conducted to determine if any accounts had been hacked or not.

      The school identified 1,300 systems using RDP on campus.  

      On April 15, the university issued a second statement as an investigation into and review of UBC identity management infrastructure issues continued.

      Off-campus access to RDP continued to be shut off and will remain off until further notice.

      Whether or not a global password reset is required is still being determined.

      This type of attack has been experienced by other major institutions.

      You can follow Craig Takeuchi on Twitter at or on Facebook.