Latest news
Computers and servers of the City College of San Francisco have been discovered to be infected with a myriad of computer viruses and information-stealing malware, and some of the infections can be traced as far back as the last century, reports the SFGate.The widely spread compromise of college computers was unearthed by David Hotchkiss, the college's chief technology officer who was hired in July 2010.
He first spotted something being wrong with a single lab computer at Cloud Hall on the Phelan Avenue campus, but further investigating the matter he discovered an infestation of viruses that compromised a great number of servers and desktop computers across the college district's administrative, instructional and wireless networks.
The suspicious behavior that triggered the discovery consisted of viruses starting its data-collecting mission each night around 10 p.m. and sending it out to sites in Russia, China and other countries. In fact, at least 723 IP addresses of those sites can be traced to the infamous Russian Business Network, a cyber organization stealing and dealing with personal and financial information.
It is still unknown which particular data was stolen over the years, but it is thought to be mostly personal information belonging to students, faculty and administrators of the college, and perhaps financial data of those who used college computers for online banking.
So far, it seems that at least the students' and staff's medical information has not been compromised, but the college's payroll, admissions and accounting systems have not yet been analyzed for evidence of infection. Since the existence of the infection was first spotted before Thanksgiving, I wonder what are they waiting for.
But the reason for the lack of promptness might be the same one that created the fertile ground for the infection: lack of adequate funds and general computer security awareness.
Hotchkiss says that when he began his work at the college he found porous computer systems and appalling security practices: passwords that weren't changed for over 10 years, poor network design, outdated technology, and technophobic staff and college leaders. This last thing might also be part of the reason why some of the detected viruses are believed to have lingered on computers since 1999.
No cases of identify theft have yet been linked to the compromise, but the investigation is still at the beginning, and the FBI is likely to get involved.
Spotlight
17% of the world's PCs are unprotected
Posted on 30 May 2012. | In a study that analyzed data from voluntary scans from an average of 27-28 million computers per month, McAfee researchers found 17% of the world is browsing the internet completely unprotected.
What's new in ISO 22301
Posted on 29 May 2012. | Currently there are many business continuity frameworks and standards around the world, but none of them have really taken the dominant position.
Trojan spyware promoted as Steam keygen
Posted on 29 May 2012. | To users looking for keygens for their Steam games, read on: we found something that will make you think twice and probably leave you steering clear of key generators forever.
New cyber weapon targets systems in the Middle East
Posted on 28 May 2012. | A new sophisticated piece of malware dubbed "Flame" has been discovered in systems belonging to users in many Middle Eastern countries and is though to have been developed by a nation state.
RuFraud scammers caught and fined
Posted on 28 May 2012. | PhonepayPlus managed to cut off a malware attack that took the form of premium SMS fraudulent apps masquerading as popular apps offered on Google Play and other online stores.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
 |
