Hackers sift through Penn State's engineering PCs for more than two years
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
May 15, 2015
Penn State University, which develops critical technology for the U.S. Navy and the Military, revealed today that hackers from China have been sifting through the computers of its engineering school since November 2014, and that other U.S. universities could be affected in similar cyber attacks.
One of the U.S.' largest and most innovative research and engineering universities, Penn State offers a potential treasure trove of technology that’s already being developed with several partners for commercial applications as well as for the U.S. Navy.
This most recent security breach suggests that foreign spies in China and elsewhere could be using universities as a backdoor to U.S. commercial and defense secrets, and this is a troubling revelation.
The Chinese hackers are so deeply embedded that the engineering college’s computer network will be taken completely offline for several days while investigators work to kick out the various intruders.
“This was an advanced and very complex attack against our College of Engineering by very sophisticated threat actors,” said Penn State President Eric Barron in a letter to professors and students today.
“This is an incredibly critical security breach, and we are devoting all necessary resources to help the university recover as quickly as possible,” he added.
The FBI notified the university of the security breach in November 2014, spawning a months-long investigation that eventually found two separate groups of hackers stealing sensitive data.
The first group has been linked by investigators to the Chinese government, according to a person familiar with the probe.
The second group has not been identified yet, but investigators believe it is the work of state-sponsored hackers, most likely from rogue nations.
The investigation and its various remediation efforts have already cost Penn State millions of dollars, said Nicholas Jones, the university provost.
U.S. engineering schools such as the Massachusetts Institute of Technology (MIT), the California Institute of Technology (Cal Tech), Berkeley, Carnegie Mellon, and Johns Hopkins University, have all been among the top targets of Chinese hacking and other intelligence operations for several years.
Those critical security breaches have been for both commercial and defense purposes, and universities have long struggled in the past to secure their computers as best as they can against these advanced attacks.
U.S. officials have already said that Chinese cyber and conventional espionage directed at American universities, companies and research laboratories has greatly increased with the size and sophistication of Chinese computer spying in the last three to four years.
One focus of Chinese hackers is the design and control of unmanned aerial, ground and undersea vehicles, along with the communications systems linking American reconnaissance and navigation satellites to ground stations, said three officials familiar with the issues but who spoke on the condition of anonymity.
In addition to online activities, the Chinese government has sent legions of graduate students to U.S. schools and has tried to recruit students, faculty members and others at both universities and government research facilities, several recent law-enforcement investigations reveal.
“There is an active threat and it's not just against Penn State but against many different organizations and universities across the world, including higher education institutions,” said Nick Bennett, a senior manager at Mandiant, a security division of FireEye Inc., which aided the university in the investigation.
Overall, U.S. universities “need to start addressing these serious threats very aggressively,” Bennett said in an interview.
Among Penn State’s specialties is aerospace engineering, which has both commercial and defense applications important to China’s government. The university is also home to Penn State’s Applied Research Laboratory, one of fourteen research centers around the United States that work mainly for the military.
While the lab is not part of the College of Engineering, Jones said experts there have been nevertheless alerted to the security breach and are still investigating whether the hackers could have moved there from those networks.
Bennett added that the lab’s computers are separated from the engineering college by “network-based controls,” and its personnel utilize different passwords. The Applied Research Lab has been doing work for the U.S. Navy since 1945 and specializes in undersea propulsion and navigation systems.
That the hackers were inside the network undetected for more than two years raises the possibility that they used connections between computers to move into more highly guarded networks, including defense contractors, government agencies or the Navy, according to the person familiar with the investigation.
The university has already told 500 partners-- companies, government agencies, and other universities of the security breach and of other possible risks.
It has also notified no less than 18,000 students and professors whose personal data, including social security numbers, were stored on one of the computers accessed by the hackers.
Jones said Penn State hopes to use its vast experience to help other universities that are also likely targets for advanced cyberspies and other internet intruders, providing information on the breach as well as other advanced security measures the university is putting in place.
Source: Penn State University.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!