Subscribe to The Brown Daily Herald Newsletter

Sign up for The Brown Daily Herald’s daily newsletter to stay up to date with what is happening at Brown and on College Hill no matter where you are right now!


News, University News

Cybersecurity attack forces University systems shutdown

Non-cloud based systems halted to mitigate attack, time of reinstallment still undetermined

University News Editor
Tuesday, March 30, 2021

The shutdowns came as part of "a number of aggressive steps” to protect University resources, chief digital officer and chief information officer Bill Thirsk said.

All University non-cloud based systems and services were out of service Mar. 30 following a cybersecurity attack. 

The shutdown of the systems was the consequence of “a number of aggressive steps” taken by Computing and Information Services to protect University resources, according to a statement from Bill Thirsk, chief digital officer and chief information officer, at 2 p.m. Mar. 30. At the time of Thirsk’s announcement, there was not a “precise timeline” for the “disruption to the systems,” including when services will be restored, he wrote.

The shutdown did not affect cloud-based systems, which include services like Canvas, Zoom and Workday.

Services affected include file services through Canvas, some websites, virtual machine hosting, Dropbox logins through Shibboleth SSO, Google file sync, Listserv, MyPrint, On-Prem Brownsites, RemoteApps, VPN, the GET app and others, according an alert posted to the Computing and Information Services website at 11 a.m.

Connections to Brown Wi-Fi and Eduroam Wi-Fi as well as access to research files and high-performance computing were temporarily shut down, according to the 11 a.m. announcement, though Wi-Fi access has since been restored. In addition, Oscar, the supercomputer utilized by students and faculty for classes and research, is experiencing a complete outage, and all running jobs have been terminated.

The attack was a specific threat targeting the University’s Microsoft Windows-based technology infrastructure, Thirsk wrote. In response, CIS has requested that faculty and staff currently using a Windows computer on Brown’s campus, or accessing it through VPN, cease using these machines until the threat has been cleared. Employees can contact their department’s IT Support Consultant or Departmental Computing Coordinator to determine if their machine has a “known-clean status,” Thirsk wrote.

The MyBrown app, through which students were previously required to submit their end of semester departure date by Mar. 31, was one of the services affected by the security breach. In response, the University has extended this deadline to Apr. 1. 

To stay up-to-date, subscribe to our daily newsletter.

Your email address will not be published. Required fields are marked *