Penn State has revealed that it was hit with two major cyber attacks, one of which it determined originated from China. The announcement was made today, with the university saying that it first became aware of the threats on November 21, 2014 after being alerted by the FBI. According to the statement, the FBI alerted the university of a cyber attack taking place on its College of Engineering network. The university is saying that “advanced persistent threat actors” conducted the two cyber attacks, with “at least” one being based in China. The oldest discovered date of intrusion was September of 2012.
It was the engineering school specifically that was targeted by the attacks. Fortunately, the university says that it isn’t aware of Social Security numbers being swiped; password and usernames, however, were compromised. Those who potentially had personal data affected by the breach (about 18,000 people in this case) will be contacted by the school.
Penn State’s President Eric Barron made a lengthy statement on the matter, saying in part that “
In several days, our College of Engineering will emerge from this unprecedented attack with a stouter security posture, and engineering faculty, staff and students will need to learn to work under new and stricter computer security protocols. In the coming months, significant changes in IT security policy will be rolled out across the University, and all of us as Penn Staters will need to change the way we operate in the face of these new and significant challenges. This new threat must be faced head-on, not just by Penn State but by every large university, business and government the world over. This is a new era in the digital age, one that will require even greater vigilance from everyone.
Penn State isn’t the only entity to be attacked by hackers, of course, and some industries are seeing the instances of cyber attacks grow. Health care providers, for example, have seen a large number of breaches and attacks over the past couple of year.
SOURCE: Penn State