[ISN] Audit follows attack on FSU computers

From: InfoSec News (isn@private)
Date: Wed Oct 05 2005 - 21:08:16 PDT


http://www.tallahassee.com/mld/tallahassee/news/local/12819487.htm

By Rocky Scott
DEMOCRAT STAFF WRITER
Oct. 05, 2005

A campuswide audit of computers at Florida State University will start
this month after hackers gained access to two servers on the campus
but did no apparent damage, FSU officials said Tuesday.

"We have not had a single person indicate they have had a problem,"  
said Browning Brooks, an FSU spokeswoman, after hackers found their
way into computer servers belonging to the FSU Foundation and an
internal financial-management server.

Larry Conrad, associate vice president and FSU's chief information
officer , said the attacks came from off campus and that FSU police
were investigating the incidents.

No suspects have been identified, Conrad said.

Joe Lazor, director of university computer systems, said the intrusion
into the financial-management server was found in mid-July, and
illegal access to the foundation computer was discovered in the second
week of August.

Both intrusions were discovered during routine monitoring procedures,
Conrad said.

Brooks said about 27,000 names of young FSU alumni were in the
foundation computer and may have been exposed to the hackers.

She said the exposed files were not the entire alumni data base, which
contains about 450,000 names.

Conrad said the names involved were heavily encrypted, and there was
no indication the names had been tampered with or accessed.

"We sent a letter to all the young alumni telling them their files had
been exposed" to an attack by a hacker, Browning said.

Conrad said it could not be determined whether any data were gleaned
from the financial management server.

He said both servers were replaced, the data were reinstalled, and
newer firewalls and other forms of protection were installed on the
new servers.

Lazor said it appeared in both instances the hackers were using FSU
computers to store large files, the most common reason for most hacker
attacks.

College campus computers generally have a lot of room to send large
files over the Internet, making them attractive targets, Conrad said.

Hackers generally find a way to gain access to a large computer by
stealing someone's password or identity, then installing a "kit" in
the system that provides entry for the hacker but remains invisible to
people using the server.

"They put big files on our computers," Conrad said, "and we don't see
them until they (open) the file."

He said attacks on the FSU computer system - there are more than
20,000 computers on campus - have become more common and more complex
in the past five or six years.

The latest attacks have "Joe and I fundamentally rethinking computer
security for the entire campus," Conrad said. "We are rethinking our
approach," he said.



_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Wed Oct 05 2005 - 21:38:59 PDT