After a decade of crawling the networks at the college and transferring data like banking information of the students, administrators and faculty at City College San Francisco, the “infestation” of computer viruses were discovered in late November. Since then, officials from the college have reported that they may need to bring in the FBI to assist with the situation.
When an unusual pattern of computer activity was detected by the data security monitoring service that the City College San Francisco utilizes, red flags went up, pointing to the Phelan Avenue computer lab at Cloud Hall. It seemed that malware was scanning the computers for data. The lab was immediately shut down by chief technology officer, David Hotchkiss. He then reported the issues to General Counsel Scott Dickey, Chancellor Don Griffin and Board of Trustees President John Rizzo.
The Cause of the CPU Issues
Upon further inspection, they found that malware had been lurking in the school’s computer system since 1999. Once daily, near the 10 p.m. hour, viruses would crawl the networks at the college and transmit sensitive data to websites in China, Russia, Iran, the U.S. and at least six other countries.
The entire campus is at risk for these viruses, including administrative, instructional and WiFi. There’s even a possibility that anyone who brought a flash drive home from the college with information on it and connected it with their personal computer may have brought the virus to their home computer. One of things that could be at risk on these home computers, if they happened to be compromised and “catch the virus”, would be online banking.
Officials Still Investigating
At this point in time, officials do not know exactly how much information has been stolen or what types of data has been transmitted. There are not any cases of identity theft attached to the incident yet; however, there is a chance that cases may be revealed once more investigations have been analyzed and concluded. The college still needs to check their admissions, payroll, and accounting systems for viruses. While the medical data that is stored in their system seems to be safe, they are hoping that none of the payroll, admissions and accounting information has been accessed or jeopardized. The fact that the malware was in existence for over a decade is cause for concern for the IT staff at the college.
“We may never know the full extent of the damage, and how many lives have been affected by this,” Hotchkiss stated. “These viruses are shining a light on years of neglect.”
Large Number of Infected Systems
Surprisingly, over 700 Internet protocol addresses were traced back to the Russian Business Network, “a notorious gang in the business of stealing and selling personal information,” Hotchkiss adds. Although the group disbanded in 2008, criminals are still using the same techniques that the Russian Business Network used to extract people’s private information and data from computers.
The security company, RSA, states that targeted attacks increased in recent weeks at U.S. Universities, with a focus on public state institutions. These attacks would attempt to extract data including grades, addresses, names, and payment information.
The RSA is still working on narrowing down the motives for this type of hacking, but hypothesizes that fraudsters who are targeting college students are interested in tracking the student’s credit and waiting until they are earning a gainful income in order to launch their identity theft attack.
Today, college students are Internet and technology savvy, quite often only using technological resources to pay bills and handle other personal business that requires sensitive information to be entered onto a computer. Additionally, they are not as concerned as they should be about protecting their identity from theft.