Exclusive King's College London has suffered an IT worry but this time not of its own making – yesterday it warned staff and students that some accounts have been "compromised" due to an apparent brute-force attack on password systems.
The Register has been informed that the raid, which has been ongoing for several days, originates in China and is targeting accounts on the university's Microsoft Office 365-hosted systems.
The attack comes just days after penetration testers from academic IT outfit JISC revealed that every single university they phished during a test exercise fell for the ruse.
End users at KCL have noticed problems with accessing their university email account using certain clients as security was being beefed up, forcing administrators to issue a memo and explain what is happening.
The KCL missive seen by The Register coyly admitted to the attack, informing some KCL account holders that their passwords had been reset by uni IT bods after the intrusion.
Some of you may have recently experienced difficulties in accessing your email account or been notified by IT that your password has changed. This is because our technical teams in IT have made changes to some accounts at King's that we suspected may about to be compromised. Our security teams have been taking steps to protect King's accounts over recent days after detecting some malicious activity.
King's College London staggers from outage, replaces infrastructure services headREAD MORE
The memo then offered some of the usual security advice – use multi-factor authentication, use the KCL standard operating environment and not some comedy homebrew setup, so on, and so forth. The unusual mention of accounts "about to be compromised" suggests a brute-force or dictionary attack.
As this stage, there have been no reports of an actual breach, damage or loss from this specific incident, aside from the typical mild dose of inconvenience and irritation.
We have asked the London university for a statement of what has happened and will update this article when we hear back.
As regular Reg readers might know, KCL suffered a mega-outage in late 2016 – which saw the near-immediate departure of the university's head of infrastructure. A single HPE 3PAR appliance which was propping up the entire university's IT estate decided to put its feet up for a change, as an internal report revealed. ®
Sponsored: Ransomware has gone nuclear