Washington State University Cyberattack Leaves Hackers Empty-Handed

In a series of university cyberattacks, Washington State comes out relatively unscathed.

by Shanon Quinn, Moscow-Pullman Daily News, Moscow, Idaho / September 4, 2015
(MCT) -- Nearly two months after Washington State University learned it had been the victim of a cyberattack, the university is continuing its work in safeguarding against future threats.

Since the university first became aware of the attack on July 8, IT professionals at WSU have been visited by federal law enforcement, consulted with outside security organizations and analyzed intelligence from its forensic investigation.

"Fortunately, to date, there has been no indication that any personal information - such as Social Security numbers and banking information - has been lost. The forensic investigation has found no evidence that student or research data has been accessed," interim President Dan Bernardo said in a statement.

"But they did have illegal access to our email, which bothered us," he added.

Access to the university's directory was also discovered, but there was not evidence to suggest hackers accessed any information from email accounts.

Students, faculty and staff were advised to change their email passwords in order to protect against the threat.

Matt Skinner, WSU's associate vice president for finance and administration, also said the university planned and deployed a series of "tactical activities." The activities were designed to "disrupt and evict" the intruders as well as eliminate compromised communication channels while strengthening the university's security profile to detect and protect against future attacks, Skinner said.

Skinner said a new set of technology tools designed to detect and respond to threats in the system have so far proven effective.

He said the university will continue to make changes that will improve security. These include mandatory password resets and moving faculty and staff email services to a cloud-based service.

WSU is not alone in being victimized by hackers. Harvard, Penn State, UCLA and Rutgers have all faced recent cyberattacks, but it is unclear if the attacks are related.

"Several major, research-intensive universities across the country have been under cyberattack for the past several months," Bernardo said in his statement on the situation.

Skinner said the university is less interested in who is responsible for the act than how to keep information about its students, faculty, staff and administrators safe.

"As threats become more sophisticated, WSU must quickly adapt to stay ahead. The university has made significant investment to do so," Bernardo said.

©2015 the Moscow-Pullman Daily News (Moscow, Idaho) Distributed by Tribune Content Agency, LLC.