Network problems 8th December

Abstract connected network

[08 December 2015]

Updated 4.30pm:

Students and staff across the University noticed slow and intermittent network connections this morning when loading some websites and other Internet resources. This began shortly after 9am this morning and was resolved at 11.50am.

The disruption was caused by a malicious attack on the Janet network, the national network providing Internet access for UK higher education. Bristol and all UK universities experienced problems due to this attack.

At Bristol normal service was restored at 11.50am. The network has remained stable since then and we have now closed this incident. There is a possibility of further disruption if the nature of the attacks change. IT Services and Janet are in contact and will continuing to monitor and respond accordingly.

Janet are also providing information on Twitter - see https://twitter.com/jiscmi

Frequently Asked Questions

What was the nature of this attack? This was a DDoS (Distributed Denial of Service) attack where attackers send huge amounts of network traffic to particular components, to try to disrupt service and take systems offline.

What was the target of this attack? The target was Janet, the University's upstream Internet provider, who also provide Internet to all other UK universities. Bristol was one of many affected.

Was any private information disclosed as a result of this attack? No information was disclosed to attackers as a result, the attack was simply trying to take services offline.

Will there be further attacks?There have been attacks on parts of Janet for several days which affected other universities, but these did not affect Bristol until 8th December. It is possible that there will be further attacks with the attackers moving on to other parts of the Janet infrastructure. Janet and the University will continue to monitor and respond to incidents.

What do Janet and the University do to respond to these attacks? There are steps that the University and Janet our provider take to reduce the likelihood of such attacks or respond to them if they occur, but details are confidential as this information could be useful to an attacker.