Tuesday, 19 May 2015

Engineering College Hit with Cyberattacks

Penn State’s College of Engineering was hit with two cyberattacks on May 15, in which hackers appear to have used advanced malware to gain access to sensitive information and intellectual property.

The college’s computer network has been severed from the rest of the internet for several days as a security precaution.

The FBI had been investigating cyberattacks on the College of Engineering since Nov. 21, 2014, at which time the FBI, Penn State Security and Operations personnel, and third-party security experts began an intensive investigation. Penn State also hired Mandiant, a cybersecurity forensic unit owned by FireEye. Mandiant confirmed that one of the two attacks was initiated by someone inChina.

The system was compromised as early as 2012.

Mandiant senior manager called advanced cyberattacks “the new normal” in a message to the Penn State community.

Penn State President Eric J. Barron announced on Friday that about 18,000 Social Security numbers were stored on affected computers. No personal information appears to have been stolen.

In response, the college will make various changes in its IT security protocols over the next few months, including the implementation of two-factor authentication on major university systems, stronger password management practices, and improved system and software administration. Students in the College of Engineering or those who had taken at least one engineering course were required to change their passwords for Penn State access accounts, and research partners have been notified of the attack. Other colleges do not appear to have been affected.

“Moving forward, we all will need to take additional steps to protect ourselves, our identities and our information from a new global wave of cybercrime and cyberespionage. As we have seen in the news over the past two years, well-funded and highly skilled cyber criminals have become brazen in their attacks on a wide range of businesses and government agencies, likely in search of sensitive information and intellectual property,” Barron wrote.

Penn State repelled more than 22 million hostile cyberattacks in the last year, a not-unusual number which, Vice Provost for Information Technology Kevin Morooney said, requires the same kind of information security and intrusion detection practices used by many large universities

View the original content and more from this author here: http://ift.tt/1EVPef5



from cyber security caucus http://ift.tt/1edVCZA
via IFTTT

No comments:

Post a Comment