Penn State has discovered a new series of cyberattacks on the university, though the perpetrators are still unknown.
In fact, just about everything about the attacks is unknown, including the motive and what the information stolen could be used for.
The university announced the cyberattacks, which were directed against the College of Liberal Arts, in a news release on Friday afternoon.
According to the release, the attacks may have compromised usernames and passwords, but no PII (personal identifiable information) or research data was accessed. PII includes social security numbers, credit card numbers, and things of that nature.
“If you’re connected to the internet these days, you’re under constant attack,” vice provost of information technology Kevin Morooney says. “There’s been numerous stories in the media about various industries being attacked. We’re constantly monitoring and at this point we don’t have any evidence of any other attacks going on.”
As a precaution, the university is asking faculty and staff to change their passwords. Morooney says password information was not compromised for students.
After similar attacks against the College of Engineering were discovered in May, the university began an evaluation of its cyber security in order to protect against future attacks. That evaluation unveiled these liberal arts attacks, the first of which occurred in 2014. The second attack took place between March and May of this year. They were both discovered last month.
Penn State provost Nick Jones says the university needs to work to balance its educational mission with the need to to maintain a secure technological system.
“We have a pretty aggressive security posture as an institution,” he says. “There’s always balancing against that the fact that we’re an educational institution and we value collaboration and cooperation.”
However, after the engineering attacks came to light, Penn State became more cognizant of the need for additional security measures.
“We certainly have increased security considerable since the first knowledge of the engineering attack, so we think we’re in a better position as an institution to protect ourselves from these types of intrusions,” Jones says.
The new security measures include an enhanced login protocol called two-factor authentication, which the university has now accelerated after a new group of attacks were found.
According to Mandiant, a security consultation company working with the university, there is currently no information on the attackers. As such, there is no way to know if the engineering attack and liberal arts attack were done by the same perpetrator.
“On an average day last year, Penn State alone repelled more than 22 million overtly hostile cyberattacks,” the news release says. “However, in light of increasingly hostile and coordinated threats against large organizations around the world, Penn State has launched a comprehensive review of all related IT security practices and procedures.”
The university will continue its analysis of its security systems in order to enhance its security efforts.
POPULAR STORIES:
Weekend Brings Persistent Rain, Potential Floods, and Chilly Temperatures
State College Woman Convicted for Attacking Ex with Hammer, SUV
Penn State Football:Four-Star Defensive Tackle Ellison Jordan Verbally Commits
Penn State Ticket Guru Bud Meredith Retires After Five Decades
The Big Bang: Controlled Explosion at High School Makes Way for Rennovations
Schlow Library Helps Kids Find Their Inner Superhero
For James Franklin and Penn State, Why Hiring Jim Haslett is a Low-Cost Win-Win
Former Penn State Soccer Star To Appear In ESPN’s Body Issue
Penn State Football: Defensive Tackle Christian Colon Verbally Commits
