Extra monitoring of Canvas

“It is not possible to guarantee complete protection against future attacks, but the chances of Canvas functioning securely are better than ever, given the security improvements made in recent days,” says Arnold Pears, object owner for e-learning, professor and head of the Department of Learning.

Several teachers are concerned about further disruptions, particularly ahead of the exam period which begins in two weeks’ time. The Department of Learning, which is responsible for Canvas at KTH in conjunction with the IT department, has put in place additional technical monitoring and has staff on call for the duration of the cyber incident.

“We are doing our utmost to prevent this from happening again. The improvements that Instructure has now made to the system have restored our confidence in it. But we are ready to take further measures until the situation is fully resolved,” says Pears.

Canvas is up and running, and the responsibility for protecting against new attacks lies primarily with Instructure and Sunet (Swedish University Computer Network), explains Hans Wohlfarth, head of the IT department.

“At the same time, KTH has a package of measures that we have now tested in real-world conditions during both the shutdown and the recovery. This has worked well,” he says.

How should teachers act at present?

“The most difficult part is how to get new information out to all teachers and students, so I urge everyone to log on to the intranet intra.kth.se/en/it/kontakta-it-support/anstallda  to check what is happening and to follow developments regularly,” Wohlfarth says.

KTH originally received information about the cyber security incident from Sunet and the provider Instructure. An investigation is underway at Instructure, in collaboration with external security experts. KTH is monitoring the situation closely and is in ongoing dialogue with Sunet and Instructure.

It is still unclear what data may have been leaked from the system and affected several higher education institutions. Once the investigation is complete, each institution will receive more detailed information about which data is affected.

Footnote: Students are advised to obtain further information about the situation primarily via the KTH Student Web at www.kth.se/student

See also the new artice: Suspected data breach in Canvas

How KTH teachers can get support during Canvas outages

For short outages:

• Temporary teaching without Canvas

In the event of longer outages:

• Sunet and KTH are looking into setting up a Canvas instance on their own servers.

• KTH is preparing to update its backup solution in the event of a more extensive situation.

Canvas is the learning platform used for all courses and programmes at KTH. It contains course materials and assignments, amongst other things. In Canvas, students can communicate with teachers and fellow students and receive updates on courses or programmes.

 Text: Christer Gummeson (gummeson@kth.se)