The College of Engineering at Pennsylvania State University has disabled its network in response to two cyberattacks, the university said on Friday. One of the attacks was confirmed to originate in China, according to FireEye, the IT security firm the university hired to investigate the breach. The Federal Bureau of Investigation alerted the university to the attacks last November, and an investigation showed hackers breached the network as early as September 2012. The university said it believed the hackers were after intellectual property, and that there is "no evidence to suggest that research data or personally identifiable information (such as Social Security or credit card numbers) have been stolen."
Ken Westin, a security analyst at the IT security company Tripwire, called the attacks a "wake-up call" for higher education. "I hate to be the harbinger of bad news, but I don’t think this is the only breach like this. I think there are quite a few more than have been detected, as well as many that haven’t," Westin said in a statement.
The college expects the network to be down for several days while the university works to upgrade its security measures.
Opinions on Inside Higher Ed
Inside Higher Ed’s Blog U
What Others Are Reading