Tag

academia

Browsing

Steven Ragan at CSO writing about about Penn State was hacked purportedly by Chinese attackers according to forensics and analysis conducted by Mandiant:

Last November, university officials explained, the school was contacted by the FBI and alerted to an attack of “unknown origin and scope” on the College of Engineering network. Shortly after the FBI alerted the school to the problems, they contacted Mandiant in order to hire FireEye to help with internal investigations.

“The investigation revealed the presence of two previously undetected, sophisticated threat actors on the college’s network. Mandiant has confirmed that at least one of the two attacks came from a threat actor based in China, which used advanced malware to attack systems in the college. The investigation has revealed that the earliest known date of intrusion is September 2012,” the school’s statement continued.

The investigation so far has turned up nothing to suggest that PII (e.g. Social Security Numbers) or financial data was compromised. However, there has been evidence that a number of usernames and passwords issued by the College of Engineering were compromised during the attack.

Considering how the malicious actors targeted the Penn State college of Engineering, I think it is safe to say they were after intellectual property and other similar data. The primarily goal of this attack undoubtedly was not to steal PII but to exfiltrate university engineering related IP.

Because of how university networks are, generally speaking, fairly open networks, attacks like this are only going to increase as China, and other developing nations with sophisticated computer network operations skills, look to strengthen their industrial capabilities.

Disclaimer: I work for Intel Security, a FireEye/Mandiant competitor.

Christopher Magan reporting for the Duluth News Tribune on a cyber attack against online test provider Pearson, preventing students from completing their necessary certification and proficiency examinations:

Minnesota’s online student proficiency testing was suspended Wednesday for the second time this year after test provider Pearson experienced another cyber attack.

Brenda Cassellius, state education commissioner, said Pearson reported a “distributed denial of service attack” as students tried to take the science portion of the Minnesota Comprehensive Assessments.

Pearson told state leaders an outside source was trying to disrupt the testing system, leading to serious testing delays for students.

“It is simply unacceptable and unfair to subject students and teachers to this kind of uncertainty in a high-stakes testing environment,” said Cassellius. “After the April 21 suspension, Pearson added additional security measures to prevent this type of disruption. Given the need to suspend testing today, I have questions about Pearson’s ability to follow through on their assurances.”