Cyber Incident Victim: University of Duisburg-Essen
Date:
Nov 2022
Location:
Germany
Summary
The University of Duisburg-Essen experienced multiple cyberattacks, initially involving unauthorized network access that disrupted operations, leading to postponed exams and academic deadlines. A subsequent distributed denial-of-service (DDoS) attack targeted its temporary website, severely limiting accessibility through coordinated excessive traffic. These incidents compromised internal communication systems and restricted remote access to the Moodle learning platform, hindering student preparation. While many phone lines and newly established ".org" email addresses remained functional, the university maintained partial operational capacity, including full lecture operations, with no reported loss of digitally stored academic records. Law enforcement investigated potential connections between the attacks, and students petitioned for academic leniency due to ongoing disruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late November 2022, unidentified cybercriminals successfully infiltrated the networks of the University of Duisburg-Essen (UDE), causing extensive operational disruptions. The breach forced the university to postpone examination dates and submission deadlines for academic work by several weeks. A provisional replacement website with the ".org" domain suffix was established to maintain limited online presence, though core systems including the Moodle learning platform remained inaccessible remotely. The attackers issued unspecified ransom demands to the institution. Law enforcement authorities, including the Central Cybercrime Unit of the Cologne Public Prosecutor's Office, initiated investigations while confirming no loss of digitally stored academic records or examination results. By early December, partial restoration of landline telephone services occurred across both Duisburg and Essen campuses, alongside newly created ".org" email addresses that remained functional throughout subsequent attacks.
On December 14, 2022, UDE experienced a secondary cyber incident identified by investigators as a distributed denial-of-service (DDoS) attack targeting the temporary university website. This coordinated flood of artificial traffic overwhelmed the replacement site, necessitating frequent shutdowns to maintain stability. Prosecutors examined potential connections to the initial November breach but hadn't confirmed perpetrator linkages at the time of reporting. Academic operations continued despite these challenges, with university rector Barbara Albert emphasizing full maintenance of lecture schedules and institutional functionality. Students petitioned for examination leniency through a "Change.org" campaign, citing inaccessible learning resources and unreliable professor communication channels as preparation obstacles. The university administration declined immediate implementation of free examination attempts, noting the postponed assessment period hadn't yet commenced. Restoration efforts prioritized telecommunications infrastructure while investigative work continued to determine attack origins and methodologies.