The officials at The Penn State College of Engineering announced that its servers were attacked in two “extremely sophisticated” cyber-attacks and as a result, personal data of 18k folks was affected.
On Friday (15th of May) the Penn State University said that its College of Engineering was attacked by two cyber-attacks, one in 2012 which was allegedly carried out by China (targeting servers containing data of about 18,000 people.)
The college stated they didn’t found any individual’s information getting hacked, but some SSNs (Social Security numbers), usernames and passwords do appear to have been stolen.
The Federal Bureau of Investigation (FBI) was the body behind alerting the collage about these cyber attacks.
In a letter issued on Friday by the Eric Barron (Penn State President), he stated, “This is an incredibly serious situation, and we are devoting all necessary resources to help the college recover as quickly as possible; minimize the disruption and inconvenience to engineering faculty, staff and students; and to harden Penn State’s networks against this constantly evolving threat.”
The Mandiant digital security firm’s chairperson Nick Bennett calls this sort of assault “the new normal” in a press release, and clarifies that every organizations, institutions and governments are always at danger. Mandiant is right now meeting expectations with Penn State to explore the attacks and reinforce the college’s security frameworks.
The College of Engineering’s PC network is as of now disengaged from the web, and is likely to be logged off for a few more days.
A warning notice has been issued which can be found here.
Nick Bennett said, “Penn State should be commended for acting quickly to address these breaches, immediately launching a comprehensive internal investigation into the FBI’s report and retaining leading third-party computer forensic experts to assist in the investigation.”
Eric J. Barron said, “Moving forward, we all will need to take additional steps to protect ourselves, our identities and our information from a new global wave of cybercrime and cyberespionage.”
He also added, “Cyber attacks like this – sophisticated, difficult to detect and often linked to international threat actors – are the new normal. No company or organization is immune.”
Kevin Morooney, Vice Provost for IT at Penn State said, “At Penn State, our information security protocols and practices help us to turn back millions of malicious computer attacks against the University every day. However, in this case we are dealing with the highest level of sophistication. Unfortunately, we now live in an environment where no computer network can ever be completely, 100 percent secure.”
He further added, “In light of increasingly hostile and coordinated threats against large organizations around the world, we are launching a comprehensive review of all related IT security practices and procedures at Penn State. As this review continues, we will keep in mind our intrinsic need as a university to be an open environment for learning and collaboration, while at the same time acknowledging the need to further strengthen our security posture to marginalize cybercrime.”