Clickability tracking pixel

Ohio University Systems Left Vulnerable in Software Breach

Kent State University was identified as one of the organizations that was potentially hacked during a widespread software breach, and according to an analysis, hackers may have had access to Kent State’s systems for more than a year.

by Robin Goist, cleveland.com / December 22, 2020
Kent State University's systems were potentially hacked as part of a widespread software breach that affected at least two dozen organizations, according to a Wall Street Journal analysis. Emily Bamforth, cleveland.com

(TNS) — Kent State University is among 24 organizations identified by the Wall Street Journal as having software on its computers that gave hackers potential access to data.

According to a Wall Street Journal analysis, the hackers may have had access to Kent State’s systems for more than a year.

“We are aware of the situation and are evaluating this serious matter,” Kent State spokesman Eric Mansfield said in a statement to cleveland.com and The Plain Dealer.

Mansfield declined to elaborate on the situation, including what kind of information may have been breached.

The Wall Street Journal reports that Kent State computers were infected with a tainted network monitoring software called SolarWinds Orion that allowed hackers to access the network through a so-called “backdoor” in the code.

Other organizations that were potentially hacked include the California Department of State Hospitals, technology companies Cisco Systems Inc., Intel Corp. and Nvidia Corp., accounting firm Deloitte LLP, cloud-computing software maker VMware Inc. and Belkin International Inc., which sells Belkin and LinkSys Wi-Fi routers, according to the Wall Street Journal.

The victims are likely a “small window” into the scope of the hack, which could have affected as many as 18,000 of SolarWinds’ customers, the Austin-based company told the Wall Street Journal.

SolarWinds employees found the malicious code after a routine software update and traced activity from the hackers back to at least October 2019. The company said it is working with security companies, law enforcement and intelligence agencies to investigate the attack, which some suspect is connected to APT29, also known as “Cozy Bear,” a hacker group associated with Russia’s foreign intelligence service.

The Wall Street Journal reported that the suspected Russian hackers also breached U.S. government agencies, including the Treasury and Commerce departments.

Federal cybersecurity experts have suggested that the hackers are sophisticated, with one source telling the Wall Street Journal that the government breach was a “10” on a scale of one to 10 in terms of its likely severity and national security implications.

(c)2020 The Plain Dealer, Distributed by Tribune Content Agency, LLC.


Never miss a story with the daily Govtech Today Newsletter.

Subscribe


E.REPUBLIC Platforms & Programs