PSU news by
Penn State's student blog

Topics

About

Administrators Discuss Cyberattack On The College Of Engineering

In a press conference at Old Main today, provost Nick Jones, along with senior manager of third-party security company Mandiant Nicholas Bennett, further elaborated on the cyberattack on the College of Engineering. Although the university was made aware of the cyberattack in November, Jones said the delay in reporting the incident to the public was part of a “coordinated matter important for success.” He reiterated this is an incredibly serious situation.

Bennett, before answering questions and elaborating on the situation, commended Penn State for acting quickly to address the breaches, noting the university moved in a conscious and timely manner to research and combat the attack and contact a third-party security company.

When the College of Engineering was taken off the network after the public announcement, the passwords of students, faculty, and staff in the college auto-expired to protect their information. The university is now efficiently equipped and informed to combat the attack. Seeing as the College of Engineering is one of Penn State’s largest, the decision to take the college offline impacts hundreds of faculty and thousands of graduate and undergraduate students. Though the semester ended last week, access to documents and research on the college’s server is hindered, which will likely impact Summer Session. Timing was taken into consideration to best minimize the impacts, Jones said. Members of the College of Engineering currently have no access to the network or any work that involves IT.

Bennett said there is no direct evidence of stolen Social Security information or other data theft, but the usernames and passwords of those in the College of Engineering were compromised. Both he and Jones said there is also no evidence of exfiltration of data, threat actors who had access to usernames and passwords had the ability to look at the information available on these accounts.

The information jeopardized by the attack spanned “around 18,000 personally identifiable pieces of information on several systems,” and Jones said that “if this data falls into the wrong hands, it can be used for inappropriate purposes.” That being said, he noted none of the compromised information is anything that would be a threat to national security if it got into the wrong hands, and at this time the university does not have evidence this data was in fact removed from the servers.

As of right now, there is no speculation as to the motive of the hackers, of which there were two separate parties. Evidence of the initial hack was first traced to September of 2012, and the first presence of the second attacker was discovered in July of 2014. As stated in the release from the College of Engineering earlier today and reiterated in the press conference, at least one of the threat actors is located in China, but the university does not know who it was or the exact location in China. Each source accounted for a separate intrusion, and each intrusion lasted from the time of initial access to the system until today.

When asked about the next step in the large-scale, ongoing investigation and remediation of the attack, Vice Provost of IT Kevin Morooney said the university will employ more vigorous monitoring to understand the constantly evolving threat. Jones additionally stressed the university and Mandiant have “invested tens of thousands of person hours over the last several months in investigating the attack and preparing for the remediation.”

About the Author

Lexi Shimkonis

Lexi is an editor-turned-staff writer who can often be found at either Irving's or the Phyrst (with the chances she'll have her backpack being the same). Lexi is a senior hailing from Spring City, PA (kind of) and studying Civil Engineering. Please email questions and/or pleas for an Instagram caption to [email protected], or for a more intimate bond, follow her on Twitter @lexshimko.

Comments

More by Lexi

A Special, Precious, & Eventful Experience: Lexi Shimkonis’ Senior Column

“And here in this lovely, intriguing spot called Penn State, each of us staked our own special, precious, and eventful life.” — Ross Lehman

Homecoming To Replace King And Queen With Gender-Neutral Court

[Video] An Interview With Line Dance Leader Gina DeFrancesco

Athletics

Former Cal Swimmer Says She Emailed Sandy Barbour About Sexual Harassment Claims

Longtime Cal athletics employee Mohamed Muqtar was accused by seven former Golden Bears student-athletes of sexual violence and harassment dating back 20 years prior to his firing on May 11. An internal investigation from the school substantiated those claims.

Max Sauve Commits To Penn State Hockey

Penn State Women’s Volleyball Releases 2018 Schedule

Penn State Hoops Alumnus Joonas Suotamo’s Journey To Becoming Chewbacca Featured On ESPN’s ‘E:60’

Evaluating Tony Carr’s Performance At The 2018 NBA Draft Combine

Student Life

10 Questions With 2019 Class Gift Director Tom Beeby

Tom Beeby will serve as the 2019 Class Gift Executive Director.

Career Services To Launch Integrated Career Management & Recruiting Platform

Penn State Esports Wins Tespa Collegiate Hearthstone Championship

Plans Submitted For New KFC In State College

Developers have submitted preliminary land development plans to build a new KFC restaurant at 1780 S. Atherton St. in State College.

Penn State Names Guadagnino Vice President For Administration

Guadagnino will continue to provide legal advice as associate general counsel in addition to his duties as vice president.

Former Cal Swimmer Says She Emailed Sandy Barbour About Sexual Harassment Claims

Longtime Cal athletics employee Mohamed Muqtar was accused by seven former Golden Bears student-athletes of sexual violence and harassment dating back 20 years prior to his firing on May 11. An internal investigation from the school substantiated those claims.

Be the first to know

  • Top posts and the best Penn State stories

Thank you for subscribing.

Something went wrong.

10 Questions With 2019 Class Gift Director Tom Beeby

Tom Beeby will serve as the 2019 Class Gift Executive Director.

Send this to a friend