Internet is down across Oxford Universities and universities nationwide following a cyber-attack.
A Distributed Denial of Service (DDoS) attack has hit JANET, the UK’s computer network for .ac.uk and .gov.uk domains. JANET is the UK provider of eduroam, used by Universities across the UK including Oxford.
The network, used by over 18 million people, is run by the public body Joint Information Systems Committee, Jisc. Jisc Major Incidents tweeted yesterday, “We suspect that those behind today’s DDOS attack are adjusting their point of attack based on our Twitter updates.” Just after midday today, they tweeted: “There has been some improvement but services are still at risk.”
#TT169554 – We suspect that those behind today’s DDOS attack are adjusting their point of attack based on our twitter updates.
— Jisc Major Incidents (@jiscmi) December 7, 2015
A spokesperson for JANET has said, “The attack has hit our global transit links and its sustaining a lot of traffic. We don’t have an ETA yet but all hands are on deck to resolve the issue.”
Oxford’s IT services emailed a warning this morning to their mail list. The email read, “We are aware of intermittent external connectivity issues to/from the Internet via our JANET links. Initial troubleshooting has lead us to believe that the problem may lie within JANET’s network (especially following the DDoS attacks they experienced yesterday). However, we have not been able to reach JANET to confirm this yet or establish an RFO as their service desk line is extremely busy.”
The President of the Oxford Union, which is also affected, told Cherwell, “We have been affected – I have absolutely no idea how long for.”
These incidents are a recurring problem for Jisc, who have reported a DDoS attack in October and persistent attacks in December. The JANET network describes itself as “highly reliable and secure”.
A Distributed Denial of Service attack is an attempt to overwhelm a network by flooding it with traffic from various IP addresses. It is often performed via a ‘botnet’, a network of infected computers which can be remotely controlled. The cyber-attack affecting TalkTalk in October, where 157,000 customers had personal information stolen, was also a DDoS attack.
This article will continue to be updated.