Hacker attacked school computer
Results 1 to 4 of 4

Thread: Hacker attacked school computer

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Hacker attacked school computer

    Sigh. First UBC, now Nipissing. And the "attacker" was on there for 7 months!!.

    I personally love the line where they say they followed "standard security procedures". I wonder if that included live checks of the server on a regular basis? It is a good reminder to all to check your systems on a regular basis for possible activities. Firewalls and IDSes only go so far. Human eyes and brains can pick up so much more (and "it takes too much time" doesn't fly).

    Source: The Toronto Star


    Nipissing University records accessed
    `Keystroke logger' discovered on server

    RACHEL ROSS
    TECHNOLOGY REPORTER

    A Northern Ontario university is advising students and staff to check their credit records for unauthorized loans, after discovering a hacker has been keeping tabs on the school's computerized administration system.

    Spying software that records every keystroke was discovered on a central computer server at Nipissing University, in North Bay, last week nearly seven months after it was first installed.

    The breached server contained registration and payroll information for the entire school.

    "We do what everybody else does when it comes to computer security, but whoever it was still broke in," said Murray Green, vice-president for administration and finance at Nipissing University. "I was shocked."

    Green said the hacker could have accessed the names, addresses and social insurance numbers for approximately 7,000 university students, graduates and staff. Bank account numbers for employees also might have been exposed.

    Suspicions were raised a month ago when the school noticed unusually high levels of traffic on the computer network. Security specialists from Sun Microsystems were called in to investigate the problem and found spying software, known as a keystroke logger, had been running on the machine since March 25.

    For the last seven months, whenever someone logged in to the system, the keystroke logger recorded their username and password. Such information could have been automatically transferred to the hacker via the Internet, Green said.

    Once the hacker had someone's password, he could have used it to access their personal information. Hackers often go after social security numbers and banking information to assist in identity theft, taking out mortgages or credit cards in other people's names.

    Consequently, the school is advising Nipissing students, staff and alumni to check their credit records and call their bank to ensure no loans have been taken out without their knowledge.

    "The programs installed on our servers were done by a sophisticated user(s) and ordinary operating commands would not detect their activity. How this information was used is unknown at this time but anything is possible," Green wrote in a candid e-mail sent out to staff on Oct. 15. "This includes payroll information, bank accounts, passwords providing access to other secure sites, etc."

    While not overly alarmed, students and staff at the university admitted concern.

    "I think most people are adopting a wait-and-see attitude," said sociology professor Stan Lawlor, adding people are anxious to know the hacker's purpose. "Was it to obtain private information, or information on the university, or identity theft?"

    Anthony Digiacomo, a second-year business student, said the university has more to worry about than individual students.

    "I guess I keep thinking that the worst that could happen is that the hacker gets to pay my student loans for me, so I'm not exactly worried about it.

    "If someone wants to steal my identity, they're going to have a whole lot of debt to pay."

    Staff Sergeant Rick Sapinski of the North Bay Police Service said officers are investigating.

    "We do not as yet have any suspects. We're just starting the investigations," he said. "We're working as quickly as we can."

    He said the North Bay police have never dealt with such a major computer security breach before.

    Green said that while the school often deals with viruses on student computers, it's the first time the university's administration system has fallen victim to a hacker.

    Roger Thompson, director of malicious content research for Computer Associates International Inc., said the hacker probably did steal some financial data given the length of time he had to perpetrate the crime.

    Thompson said keystroke loggers are "very prevalent." But he said they are normally found on personal computers, not major servers run by large institutions.

    Green insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.

    With files from Phil Novak

    Additional articles by Rachel Ross
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Green insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.
    Then their standards are set way too low. They don't even have any physical security in place, and haven't even physically looked over their equipment.

    Security specialists from Sun Microsystems were called in to investigate the problem and found spying software, known as a keystroke logger, had been running on the machine since March 25.
    They had to call an outside agency in to even find a stange physical object hanging off the back of their server.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    "We do what everybody else does when it comes to computer security, {....}
    Act like an ostrich and pretend it'll never happen to you?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    They had to call an outside agency in to even find a stange physical object hanging off the back of their server.
    I think it was a software keylogger not a hardware one. I hardly think a hardware keylogger would be able to log the username and password of someone logging in over the network .

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides