CybersecurityU.Va. upgrades IT systems after massive Chinese cyberattack
The University of Virginia announced Sunday (16 August) that it has successfully completed a comprehensive system security upgrade in response to a cyberattack originating in China. The University said it had taken these actions further to enhance the security of data and information stored on university resources and to aid in prevention of future cyberattacks. The cyberattack on U.Va. is the second massive cyberattack by Chinese government hackers on an American institution of higher learning. Last fall, the Penn State College of Engineering was the target of two sophisticated cyberattacks by Chinese government hackers.
Logo of the University of Virginia // Source: virginia.edu
The University of Virginia announced Sunday (16 August) that it has successfully completed a comprehensive system security upgrade in response to a cyberattack originating in China. The University said it had taken these actions further to enhance the security of data and information stored on university resources and to aid in prevention of future cyberattacks.
The system upgrade started on Friday at 5 p.m. The affected systems were brought back online Sunday.
The University is now requiring users to change their Eservices login passwords.
“We thank the members of the University community for their patience as systems were being upgraded,” U.Va. executive vice president and COO Patrick D. Hogan said. “The security of your information and other data stored on University systems is of the utmost importance, and our dedicated teams of professionals will remain vigilant in protecting the University’s information technology infrastructure.”
The university says that there was no evidence that the attackers accessed personally identifiable information — such as Social Security numbers and banking information — or personal health information. There was also no indication that sensitive research material was accessed.
HSNW readers affiliated with U.Va. should call the U.Va. Help Desk for IT at 4-HELP (434-924-4357) or toll-free 866-469-4866 for technical questions related to the system upgrade or the password change.
The cyberattack on U.Va. is the second massive cyberattack by Chinese government hackers on an American institution of higher learning. Last fall, the Penn State College of Engineering was the target of two sophisticated cyberattacks conducted by what the FBI called “advanced persistent threat” actors (see “Massive cyberattack by Chinese government hackers on Penn State College of Engineering,” HSNW, 18 May 2015). On 21 November 2014 Penn State was alerted by the FBI to a cyberattack of unknown origin and scope on the school’s College of Engineering. The FireEye cybersecurity forensic unit Mandiant, which was hired by Penn State after the breach was discovered, confirmed that at least one of the two attacks was carried out by a threat actor based in China, using advanced malware to attack systems in the college. In a coordinated response by Penn State, the College of Engineering’s computer network was disconnected from the Internet and a large-scale operation to securely recover all systems was launched.
