Feeds

Florida Uni on brown alert after hack attack

IT hits the fan

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Students and staff at Florida International University (FIU) were warned they are at risk of identity fraud this week after techies discovered hackers had broken into college systems. A file found on a compromised computer showed that an unknown hacker had access to the username and password for 165 computers at the University, sparking a major security alert.

A preliminary investigation has revealed that only a few of the compromised computers contained sensitive information (e.g. credit card details and social security numbers). That’s by enough by itself but the greater fear is that hackers have compromised the University’s network to such as extent that few systems are safe. FIU information-systems chief John P. McGowan reckons hackers based in Europe are responsible for the attack, the Orlando Sentinel reports.

Users are being advised to remove any sensitive information from their university computers. They are also advised to set up a fraud alert on their credit file, as a precaution. The amount of confidential information obtained by hackers is unclear. There’s no evidence that any fraud has taken place as yet. Even so university authorities are taking the problem seriously, going to the unprecedented length of having technicians examine 3,000 campus computers for possible security problems in a scheme likely to take weeks if not months to complete.

Among other things these technicians will be updating operating system and anti-virus protection, removing known Windows vulnerabilities, re-configuring log-in accounts, scanning for applications that allow for unauthorized access as well as disseminating new information on effective password management and computer user access guidelines. As part of this extensive security mitigation checklist, technicians will also be examining PCS for types of sensitive information (i.e., SSNs, credit card numbers) saved on computers or network file shares but not recording the actual numbers. This last procedure comes perilously close to been a security risk in itself, you might think.

Florida International University has reported the incident to the FBI for investigation. FIU joins a growing list of US Universities to have suffered cyber attacks over recent months. Boston College, Carnegie Mellon University and Northwestern University have been among the victims. ®

Related stories

Berkeley hack sparks legislative backlash
Student owns up to Texas Uni cyber-heist
Student charged with massive ID fraud
Feds probe huge California data breach
ID theft is inescapable

Related links

FTC advice on guarding against identity theft FIU's alert

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.