US university unit cuts off from Web after cyberattack
Penn State University said Friday that the computer network of its college of engineering was disconnected from the Internet after a cyberattack "by a threat actor based in China."
University president Eric Barron said the disruption would last several days amid a "large-scale operation to securely recover all systems."
Barron said in a statement that the FBI alerted the university about two breaches last November, but that no public statements were issued during the investigation to avoid alerting the attackers.
He said the school hired FireEye cybersecurity forensic unit Mandiant, which "has confirmed that at least one of the two attacks was carried out by a threat actor based in China, using advanced malware to attack systems in the college."
The malware has been present since September 2012, according to the investigators.
"This is an incredibly serious situation, and we are devoting all necessary resources to help the college recover as quickly as possible, minimize the disruption and inconvenience to engineering faculty, staff and students, and to harden Penn State's networks against this constantly evolving threat," Barron said.
With the computer network disconnected from the Web, faculty, staff and students will be able to use some network functions to work during the upgrades, Barron added.
The university said there was no evidence that research data or personally identifiable information was stolen, but that some user names and passwords have been compromised, and that all users will be required to reset their passwords.
© 2015 AFP