Case Study: Maastricht University strengthens cyber resilience after ransomware with SURF

Maastricht University ransomware behind the scenes

Maastricht University faced a significant challenge when it was hit by a large-scale ransomware attack in December 2019, which encrypted its systems and threatened student and research data. The university, with the support of vendor SURF, engaged its SURFcert team to assist with the immediate response, investigation, and crisis management.

Throughout the incident, SURF provided crucial support to the university, including setting up a temporary mail server to restore communication. SURF's assistance was part of a broader solution that, while ultimately requiring a ransom payment to decrypt data, led to valuable security lessons. The university used the crisis to accelerate planned security enhancements, including improved logging, more resilient backups, and network segmentation.

Maastricht University

Bart van den Heuvel

Chief Information Security Officer