Dear UDE staff,
at the end of January, I wrote to you about the progress of the reconstruction of our IT systems after the cyberattack. Now the summer semester has been underway for a few weeks and we have returned to some kind of normality in many areas, but unfortunately not all. So where do we stand now?
Teaching and learning
UDE has started the summer semester with almost no restrictions with regard to teaching.
Students can access their semester ticket via the HISinOne portal under the ‘Student Ticket/Requested Reports/Reports’ tab(‘Semesterticket/Bescheide/Bescheinigungen’ in the German version of HISinOne).
Work is almost finished to put the ZIM’s PC pools and the public workstations in the University Library back into operation. It should be completed by early to mid-May. In the meantime, the PC halls at Altendorfer Straße and on the main campus in Essen have been set up again and were used during the examination phase of the winter semester that has just ended.
Since mid-March, the collaboration tool Etherpad has also been available for use, and the upload function for videos in Moodle via Opencast has also been reactivated.
Since mid-March, the ZIM has been providing a so-called R mirror. ‘R’ is a free programming language used in teaching and electronic exams.
I would like to thank you all again for having been so committed to making the examination phase possible. You have told me that it was particularly demanding due to the fact that many candidates did not attend. I am very sorry about that, and yet I am glad and grateful that we all managed this important task for our University so well.
The reconstruction of UDE’s digital infrastructure is progressing at different paces.
In recent weeks, the priority has been to get the server networks and services up and running again at both central and decentralised levels. To ensure that this could happen without creating new security gaps, we have established a process where requests for network activation can be submitted to a committee chaired by the Vice-Rector for Transfer, Innovation and Digitalisation. This committee reviews and checks requests several times a week so that activation can be done quickly. In this way, we ensure uniform standards and safeguards for the administration of decentralised servers and services.
New functions have been added to the ZIM’s selfcare portal . Most importantly, two-factor authentication can now be enabled there, function identifiers can be edited centrally and SSH keys can be entered for logging on to the high-performance computing systems. Generators for creating QR codes and secure passwords are available for everyday work.
The ZIM also asks all file server users to check whether their data stored there is complete by 30 June 2023. This applies to both personally assigned drives and shared drives.
Meanwhile, about 1,000 client systems administered by the ZIM have been reinstalled in the administration units and other areas. The reinstallation of decentrally managed systems by the relevant unit-specific IT representatives is progressing.
All members of UDE can now apply for their personal user, group or server certificates again.
The password reset, without which use of UDE’s digital services is not possible, can still be carried out at the self-service terminals or at the e-Points. The video identity verification process for resetting passwords is now running stably.
The online survey tool LimeSurvey is once again accessible and usable within the UDE network and from the Internet. The database as of 26 November 2022 has been fully restored. UDE’s own short URL service ‘udue.de’ has been available again since mid-March.
With regard to the administration units and SAP, Jens Andreas Meinen and Wolfgang Sellinat have informed you separately.
UDE’s financial management systems have been restored. The basic SAP functionalities are available to a small group of users. We hope to be able to extend the circle of users to selected persons from the faculties in the near future, so that it will at least be possible to view accounts again.
The data as of 23 November 2022 could be restored. The administration units are currently reconstructing lost data and manually entering transactions in order to prepare the 2022 annual financial statement. At the end of March, a team for retroactive recording also started its work in order to clear all backlogs by the middle of the year. The SAP portal solution should also be ready by then. With a functioning portal solution, SAP-supported purchase orders and the processing of work-related travel will also be possible again.
The reintroduction of electronic recording of working hours is not expected until the middle of the year.
External access and connection
Since 13 March, the Imperia web server has been accessible again at the address www.uni-due.de. This means that the central and decentralised web content, download services, contact forms or even internal service areas of UDE and its individual units can be used.
LAN and wireless LAN connections at UDE can now be used to access both the internal UDE network and the Internet. In Essen, these options are available throughout the premises; in Duisburg, work is still underway to restore them in some buildings. Please note: if you are connected via the University’s LAN or wireless LAN, the use of other hotspots is prohibited on devices provided for work purposes.
Since the end of March, UDE members have also been able to log in at external universities or institutions via Eduroam and use the Wi-Fi there.
Work in progress
What has not yet been completed?
It will take until June for the Microsoft Exchange email, calendar and groupware system to be available again. Within the University network, Exchange should be usable from 12 June, and from 26 June, external access will also be enabled. Not all old data could be restored.
Unfortunately, some time is still needed for access to the virtual private network connections (VPN), which enable employees to establish an encrypted connection to the internal UDE network and the applications running there from outside University premises, e.g. when working from home, to be restored.
InterCard, the system for creating staff and student ID cards, is also being restored. It will hopefully be put back into operation by the end of May.
Various scenarios are currently being discussed for the future design of the myUDE app.
The handling of personal web spaces and the associated time schedule are yet to be determined.
I have been informed that the ZIM and some administrative units have currently accumulated so many enquiries by email, telephone or ticket that there are delays in responses. We kindly ask for your understanding. There are numerous processes that have been added to the normal workload due to the special situation, and staff have constantly been under a lot of stress for months now. Please do not increase the pressure, but contribute to efficient processes and sensible prioritisation wherever you can.
UDE security concept
UDE‘s new security concept will take into account current technical and organisational requirements, which are also aligned throughout NRW. We are improving agreements with the faculties regarding all IT security issues and are pushing for the establishment of an effective monitoring environment.
With the introduction of two-factor authentication, many areas of UDE’s IT infrastructure will in future be based on a method that provides an additional layer of security. For example, users will only be able to access some services if they use a second, independent authentication process in addition to a password.
Additional protection is also provided by the next-generation firewall which, compared to conventional technologies, protects networks more comprehensively and effectively, monitors data traffic better, and can detect and block suspicious activities as well as prevent malware infections.
As an important component of emergency management and as a way of restoring data, UDE also uses so-called offsite backups, i.e. copies of data stored outside its own premises. Within the University, new antivirus software on the file systems and stronger network segmentation guarantee greater protection.
Dear employees of UDE – thank you all for coping so well with the emergency situation triggered by the attack and for your united support in the reconstruction. I am well aware of the inconveniences this caused and apologise to you for having to endure them. The great hope remains that a productive, undisturbed year will follow, in which we can research, teach and work together constructively in the administration units, the workshops and all other facilities to create a successful, future-proof university.
Information on further reconstruction after the cyberattack is still available to University members via the University’s intranet – or directly via: https://reboot.uni-due.online