A re­cent cy­ber­at­tack that dis­rupt­ed the Uni­ver­si­ty of T&T’s (UTT) on­line op­er­a­tions and forced the post­pone­ment of ex­am­i­na­tions has re­newed con­cerns about the coun­try’s grow­ing de­pen­dence on cloud-based ed­u­ca­tion plat­forms.

Cy­ber­se­cu­ri­ty ex­pert Daren Dho­ray yes­ter­day said the in­ci­dent, while deeply frus­trat­ing for stu­dents and staff, high­lights a glob­al vul­ner­a­bil­i­ty rather than an iso­lat­ed fail­ure by UTT.

He said the dis­rup­tion stemmed from an at­tack af­fect­ing Can­vas Learn­ing Man­age­ment Sys­tem (CLMS), a pop­u­lar cloud-based learn­ing man­age­ment sys­tem used by uni­ver­si­ties world­wide.

“Hun­dreds of uni­ver­si­ties across the globe were ac­tu­al­ly im­pact­ed and it shows that the re­liance on these cloud in­fra­struc­tures. We need to have back­up strate­gies so that we don’t en­counter sit­u­a­tions where, dur­ing ex­am times, stu­dents are put un­der un­nec­es­sary stress to de­lay their ex­ams. So it’s a rather un­for­tu­nate sit­u­a­tion,” Dho­ray said, adding that such sit­u­a­tions place un­nec­es­sary stress on stu­dents.

He added that ma­jor cloud ser­vice providers are fre­quent tar­gets for cy­ber­crim­i­nals due to their size and reach.

“Once you have these re­liance on these cloud providers, es­pe­cial­ly very pop­u­lar ones, which tend to be high tar­gets for cy­ber­crime and cy­ber-re­lat­ed in­ci­dents, you al­ways have to put in these types of mit­i­ga­tion strate­gies to deal with it if in the event that it hits home like it did,” Dho­ray said.

He ad­vised that UTT use the in­ci­dent as a learn­ing op­por­tu­ni­ty, not just from a cy­ber­se­cu­ri­ty stand­point, but from a busi­ness con­ti­nu­ity per­spec­tive.

Teach­ing and learn­ing, he not­ed, are UTT’s core ser­vices, and re­ly­ing en­tire­ly on an ex­ter­nal ven­dor for those ser­vices places the in­sti­tu­tion “at the be­hest” of that provider.

One prac­ti­cal step he rec­om­mend­ed is con­duct­ing table­top ex­er­cis­es, where se­nior lead­er­ship sim­u­lates a sys­tem out­age and de­cides in re­al time how to re­spond.

“If your sys­tems are down, what do you do? Who com­mu­ni­cates with stu­dents? How do ex­ams con­tin­ue? These ques­tions should al­ready be an­swered be­fore an in­ci­dent oc­curs,” Dho­ray said.

Look­ing more broad­ly, he warned that busi­ness­es and pub­lic in­sti­tu­tions across the coun­try face sim­i­lar risks.

Since the pan­dem­ic, many or­gan­i­sa­tions have rapid­ly moved op­er­a­tions to the cloud with­out ful­ly plan­ning for fail­ures or cy­ber­at­tacks.

“I think now is a good time for us to bring that back home and un­der­stand that maybe we prob­a­bly need to look still at some of these of­fline meth­ods. Good old pa­per strat­e­gy might still work in the case where you want to con­tin­ue run­ning your busi­ness, es­pe­cial­ly for a small busi­ness that might be re­ly­ing on a cloud ac­count­ing soft­ware or even e-com­merce,” Dho­ray ex­plained.

In 2023, sev­er­al state agen­cies were the vic­tims of cy­ber­at­tacks, in­clud­ing the Telecom­mu­ni­ca­tions Ser­vices of Trinidad and To­ba­go, the Na­tion­al In­sur­ance Board and the Of­fice of the At­tor­ney Gen­er­al and Min­istry of Le­gal Af­fairs.

On Fri­day, UTT’s prin­ci­pal Pro­fes­sor Re­an Ma­haraj told Guardian Me­dia that, as it stands, the uni­ver­si­ty be­lieves on­ly the stu­dents’ uni­ver­si­ty-as­signed email ad­dress­es were leaked.

He al­so con­firmed the CLMS was back on­line.

–GEISHA KOW­LESSAR-ALON­ZO