Feeds

Florida Uni on brown alert after hack attack

IT hits the fan

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

Students and staff at Florida International University (FIU) were warned they are at risk of identity fraud this week after techies discovered hackers had broken into college systems. A file found on a compromised computer showed that an unknown hacker had access to the username and password for 165 computers at the University, sparking a major security alert.

A preliminary investigation has revealed that only a few of the compromised computers contained sensitive information (e.g. credit card details and social security numbers). That’s by enough by itself but the greater fear is that hackers have compromised the University’s network to such as extent that few systems are safe. FIU information-systems chief John P. McGowan reckons hackers based in Europe are responsible for the attack, the Orlando Sentinel reports.

Users are being advised to remove any sensitive information from their university computers. They are also advised to set up a fraud alert on their credit file, as a precaution. The amount of confidential information obtained by hackers is unclear. There’s no evidence that any fraud has taken place as yet. Even so university authorities are taking the problem seriously, going to the unprecedented length of having technicians examine 3,000 campus computers for possible security problems in a scheme likely to take weeks if not months to complete.

Among other things these technicians will be updating operating system and anti-virus protection, removing known Windows vulnerabilities, re-configuring log-in accounts, scanning for applications that allow for unauthorized access as well as disseminating new information on effective password management and computer user access guidelines. As part of this extensive security mitigation checklist, technicians will also be examining PCS for types of sensitive information (i.e., SSNs, credit card numbers) saved on computers or network file shares but not recording the actual numbers. This last procedure comes perilously close to been a security risk in itself, you might think.

Florida International University has reported the incident to the FBI for investigation. FIU joins a growing list of US Universities to have suffered cyber attacks over recent months. Boston College, Carnegie Mellon University and Northwestern University have been among the victims. ®

Related stories

Berkeley hack sparks legislative backlash
Student owns up to Texas Uni cyber-heist
Student charged with massive ID fraud
Feds probe huge California data breach
ID theft is inescapable

Related links

FTC advice on guarding against identity theft FIU's alert

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
ISIS terror fanatics invade Diaspora after Twitter blockade
Nothing we can do to stop them, says decentralized network
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.