A recent cyberattack at Penn State by Chinese hackers may be part of a much broader attempt to steal intellectual property at universities nationwide.
[Editor’s Note: Our editorial picks include stories the editors believe either highlighted an important issue in 2015 and/or signaled the beginning of an escalating trend or issue for 2016.]
In May, the College of Engineering at Penn State shut down its network for several days in response to a cyberattack, making it the latest in a long line of higher education institutions to suffer network breaches in recent years. But this particular attack may not be over. In fact, the Penn State incident is likely just the tip of an ongoing espionage effort to infiltrate similar schools nationwide, according to Ken Westin, senior security analyst at Tripwire, an Oregon-based cybersecurity company.
“It doesn’t look as if Penn State initially detected this attack itself—it was actually notified by the FBI,” said Westin. “That’s usually a sign that the attack is part of a larger campaign that has been detected.”
According to a statement released by Penn State, a Chinese hacking group is behind one of two known attacks at the university. Eric Barron, president of Penn State, described the group’s activities as typical of “well-funded and highly skilled cybercriminals…in search of sensitive information and intellectual property.”
If that’s the case, colleges and universities nationwide should assume that they too are in the hackers’ crosshairs. “It’s very rare that a group is going to target one particular institution,” said Westin. “Usually, they will target an entire industry or a network looking for intellectual property. If they’re going after Engineering at Penn State, odds are it’s part of a larger campaign targeting similar departments and groups in higher education.”
Indeed, Westin believes that the FBI is already working with other institutions that have been breached. Considering the initial intrusion at Penn State dates back to September 2012, the hackers may have spent years developing cyberattacks elsewhere.
(Next page: Unpublicized attacks and vulnerabilities)