[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] FBI still investigating Bethel server hacking
From: InfoSec News <alerts () infosecnews ! org>
Date: 2006-09-26 6:52:12
Message-ID: Pine.LNX.4.61.0609260151560.470 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.uaf.edu/sunstar/archives/20060926/hacking.html
By NATE RAYMOND
Managing Editor
September 26, 2006
UAF police asked the FBI to investigate the hacking at the Bethel campus
in April, but answers remain illusive into who illegally accessed a
server containing personal information for 38,941 current and former
students and employees.
"Right now, it's still a pending investigation," said FBI spokesman Eric
Gonzales. "So at this point, there's really little I can say on the
subject."
Sean McGee, UAF chief of police, said he chose to involve the Federal
Bureau of Investigation in the investigation on April 24, four days
after UAF announced the hacking occurred.
UAF announced April 20 that hackers accessed server at the Kuskokwim
Campus in Bethel multiple times from February 2005 to January 2006.
Records later showed that university official in Bethel had known about
the hackings since at least October.
According to an information resource security incident report, dated
April 18, the Bethel-based Windows 2003 server was called "Yukon."
Hackers had accessed it and installed rogue FTP servers into the
computer, the report says.
No one was fired because of the hacking, said Steve Smith, the chief of
the UA Office of Information Technology.
Handling the FBI investigation is the Anchorage field office, which
"employs individuals with the necessary training, experience, and
equipment to investigate this type of criminal act," McGee said via
e-mail this summer.
Smith said it could be a while longer before the FBI wraps up its work.
The bureau probably has higher priorities, he said.
Law enforcement officials have also utilized the computer forensic
facilities at UAF's Advanced System Security Education, Research and
Training Center.
"It sounds to me like they have it and it's not officially closed, but
it's not the first thing they do in the morning," Smith said.
The UAF police received no reports of identity theft during the summer
that appeared connected to the Bethel hacking, McGee said.
UAF police did receive a report Aug. 23 from a woman in Anchorage who
said an unauthorized bank account had been opened in her name, according
to police daily incident reports. The unnamed woman, who used to be
affiliated with UAF, said the incident might have been related to the
hacking.
Lt. Syrilyn Tong said no proof exists to substantiate her claim.
In response to the Bethel hacking, the university is trying to tighten
security and reduce its use of Social Security numbers.
OIT performed a system-wide search for other hacked systems or systems
with files containing personal information and found some computers with
those types of files. The office isolated those systems and removed
them, Smith said.
In addition, OIT is preparing to spend at least $200,000 to engage a
consulting firm to do an external review of the university system, Smith
said.
"This review will look in particular at UAF, but it will also look
across the system because we are all connected," Smith said.
The external review will be discussed Oct. 5 at the Information
Technology Council's monthly meeting. The meeting is open to the public.
A task force is also drafting up policy to put before the Board of
Regents as early as December on how Social Security numbers should be
used on campus, university spokeswoman Kate Ripley said.
Several systems still use Social Security numbers as identifiers. On
UAOnline, students can use them if they don't remember their 30 million
numbers, the administration's name for the student ID's it assigns
students on their first day of enrollment.
"We're really looking to craft some policy to go before the Board of
Regents that would sort of direct that this is a real priority and that
it's something we want to take care of," Ripley said.
_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic