Ben-Gurion University of the Negev (BGU) on Wednesday informed its faculty and students that a number of servers of the university had been breached. The incident was discovered in the framework of routine scanning conducted by the university in cooperation with the Israel National Cyber Directorate (INCD). At this stage, the university is continuing to operate normally except for isolated difficulties, and no significant damage to the servers is known of, but the issue is still being checked. Also, the university is taking preventive measures. At this stage, the systems connected to student services, remote academic studies, and access to academic databases, tests and research continue to take place as usual.
As soon as the breach was discovered, a combined team of researchers from the INCD and the Technologies, Innovation & Digital Division of BGU was established. The combined team immediately carried out a series of measures to contain the incident and minimize damage. At the same time, the staff carried out a comprehensive check of all of the university's servers to check whether there were additional intrusions and ensure that the computer services and the servers have strong defenses.
The breach of the university's systems was discovered as part of the attack monitoring and detection measures carried out by the INCD in Israel's cyber domain. The INCD is helping the university manage, investigate and contain the incident. It should be pointed out that the incident is ongoing and that the efforts are still underway.
"Ben-Gurion University of the Negev, like other institutions around the world, is a quality target for cyberattackers. Our cyber capabilities, together with the National Cyber Directorate, identified the intrusion into our systems and are working to address it as quickly as possible and reduce potential damage," said Prof. Daniel Chamovitz, President of BGU, in a letter he sent Wednesday to the faculty members and students.
"This is a serious incident and at the forefront of my mind at the moment is the need to curb intrusion and strengthen the protection of the digital array and university servers by all necessary means. We will not spare resources for this. Simultaneously, I have instructed the establishment of a separate team to produce lessons and recommendations for the future, in order to ensure that such events do not recur," Professor Chamovitz added.