Remarkable development in investigation into Maastricht University cyberattack
The Executive Board of Maastricht University was recently informed that the investigation into the 2019 cyberattack has been successful. After a long and complex process, the Netherlands Public Prosecution Service was able to seize crypto currencies worth approximately €500,000 which may be made available to UM. This is still less than the damages incurred by the university, but it is a nice sum to be used to support students in need.
From the moment the attack became known, in December 2019, UM cooperated with the police and the Public Prosecution Service in an open and transparent manner. Partly due to this exchange of information, the cybercrime team of the police and the Public Prosecution Service succeeded in tracing and confiscating the cryptocurrency.
UM community interests always paramount
According to the Vice-President of the Executive Board, Dr Nick Bos, who was also head of the crisis management team set up after the cyber attack, UM was faced with an ethical dilemma after the attack. On the one hand, there was the police’s advice and the moral objection against paying ransom; on the other hand, there was the interests of the UM students, scientists and staff who no longer had access to their data and files. The study progress of students, scientific research and the continuity of the university were at stake. After 'extremely difficult deliberations’ it was finally decided to pay the ransom.
Close international cooperation
The transaction left traces that eventually pointed to a suspect. The Public Prosecution Service and police’s investigation was mainly digital in nature, but also used financial and tactical strategies. Soon the search led outside of the Netherlands and a close international cooperation was formed with various countries in which data could be collected.
Following a trail, the investigation team travelled to Ukraine in 2021. The local authorities there carried out a search and spoke with those involved. The investigation in Ukraine eventually paved the way for the seizure of the cryptocurrency by the Dutch Public Prosecution Service. As early as February 2020, the investigation team froze a so-called wallet containing part of the paid ransom. The value of the cryptocurrencies found at that time was €40,000; at the current exchange rate, they are worth approximately €500,000. While it may seem like a lot of money, it is significantly less than the damage the university actually suffered as a result of the attack. The seized funds are now in an account of the Public Prosecution Service. The Ministry of Justice has initiated legal proceedings to ensure that the money will eventually go to UM.
Fund for students in need
If the money is recovered, the Executive Board wants to place it in a fund for students in need; the details of which still need to be worked out. "The cyber attack showed how vulnerable students can be in their study progress, but certainly also financially," explains Vice-President Bos. "The crises we have experienced since then have only further underlined this vulnerability. In light of this, the Executive Board considers the use of these funds to help students in need very appropriate."
Eternal Blue, a reminder of the cyber attack
Eternal Blue, a new artwork by Richard Vijgen in the main hall of the Aula at the Minderbroedersberg commemorates the cyberattack of 23 December 2019. It's a is a screen in the shape of a clock or globe. Thousands of illuminated LED lights portray the approximately 10,000 attempts to hack Maastricht University that happen every day from all over the world.