Cyberattacks hit PSU’s College of the Liberal Arts |

Cyberattacks hit PSU’s College of the Liberal Arts

Two cyberattacks compromised computer user names and passwords for workers in Penn State’s College of the Liberal Arts, but there’s no evidence that hackers stole any personal identifying information, such as Social Security numbers, or research data, university officials said Friday.

As a precaution, the university and security officials reset user names and passwords of between 2,000 to 3,000 faculty, staff members and graduate students, said Kevin Morooney, Penn State’s vice provost of information technology. The user names and passwords of undergraduate students were not affected, he said.

One attack, which was only recently discovered, occurred March 4, 2014, said Nick Pelletier, a senior consultant for Mandiant, a cybersecurity forensic unit based in Alexandria, Va. The other occurred between March and May 4 when it was detected, Pelletier said.

It is not known if the same hackers are responsible for both attacks.

The school toughened security measures after attacks on the university’s College of Engineering, the earliest of which occurred in September 2012. Those tougher measures detected the latest intrusions.

Nobody knows why the College of the Liberal Arts was targeted.

“All we know is that when they connected to the network, they did not go the further step of stealing personal identity information (such as Social Security numbers and credit card information),” said Nicholas Bennett, Mandiant’s senior manager of professional services.

“I think hackers are constantly looking for the opportunity to break into systems. We can’t speculate as to their motives,” said Nicholas P. Jones, Penn State’s provost and executive vice president. “If they find a system they can get in to, they get in, even if their intent is completely unclear.”

Penn State disclosed May 15 the intrusions in its engineering college, where investigators found at least one attack originated in China. Hackers compromised computer-network user names and passwords in those incidents, too, according to the university.

University administrators have said they are running a comprehensive review of cybersecurity practices and plan to keep strengthening them.

“We certainly have increased our security posture significantly since the engineering attacks,” Jones said.

Jones admitted the school knew about the Liberal Arts attacks when it announced the intrusions at the engineering college.

“We prefer not to talk about an investigation that is in progress, lest it compromise our ability to do a full and complete analysis,” Jones said.

University officials said they do not know of any other cyber intrusions on school computer networks.

“If you are connected to the Internet, you are under constant attack,” Morooney said. “We are constantly monitoring, and at this point in time, we have no information of any other attack.”

Michael Hasch and Adam Smeltz are staff writers for Trib Total Media. Hasch can be reached at 412-320-7820 or at [email protected]. Smeltz can be reached at 412-380-5676 or [email protected].

TribLIVE commenting policy

You are solely responsible for your comments and by using you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.