College Of The Liberal Arts Victim Of Cyberattack
In light of the targeted cyberattacks on the College of Engineering, the university sought to heighten network security measures and uncovered a cyberattack on the College of The Liberal Arts in the process.
The attackers activity was first detected by Mandiant, a cybersecurity firm hired by the university, on May 4. According to a news release from the university, attackers exploited a vulnerability and gained access to the network as early as March of 2014.
There was no evidence to suggest any personally identifiable information or research data was accessed or stolen, but a number of usernames and passwords were compromised. For more information on the attack, and steps to reset your password if effected, read here.
Here’s what Nicholas Jones, Penn State’s provost and executive vice president, said about the attack:
Penn State takes very seriously the security of the sensitive data in its care and we are continuing to investigate the circumstances that ultimately allowed attackers to access the network in the College of the Liberal Arts. Over the last several months at Penn State, we have implemented advanced monitoring techniques designed to better detect these intrusions, and that is what happened in this case. As we continue to see in the news, large organizations, including governments corporations and universities, must do more to protect sensitive data from increasingly aggressive criminals. This is particularly challenging at a large public research university, where collaboration and cross-pollination of ideas and information is at the very core of our academic mission. However, this is a challenge we must face directly and with determination.
The university has launched a review of all IT security practices and procedures. University officials plan to implement a number of security enhancements — like a two-factor login authentication process — university-wide in the coming months.