Decade-Long Virus Infection Discovered
College Vows Updated Security in Wake of BreachSee Also: Gartner Market Guide for DFIR Retainer Services
The college first noticed the infection in late November, when the IT department saw gaps in the data logs of a server located in the Phelan Avenue campus computer lab. Further investigation revealed that the viruses had existed in the college's systems since 1999, Rizzo confirms.
During the investigation, the college's IT department saw transmissions being sent to Russia and China, as well as other countries, Rizzo says.
The college has 100,000 students and 3,000 employees. So far, there's been one confirmed instance of personal banking information recorded by a virus, he says. "We're looking at the ... central database to see if anything was taken from there," he adds.
Upon learning of the breach, the college closed off the infected computer lab and took the server offline that had been transmitting the data overseas. The college community was notified by e-mail on Friday, Jan. 13, Rizzo says.
Corrective Action
As a result of the breach, the college has taken multiple steps, including eradicating the infections and reviewing all computer equipment. Rizzo says City College has also:
- Reconfigured the campus firewalls;
- Changed and strengthened the passwords on all of the servers;
- Made preparations to install new security hardware;
- Taken steps to update and establish new procedures for the school to follow when it comes to using the college's computers and network;
- Begun planning for a reconfiguration of the network, isolating it into three separate areas: an administrative area (to house records, etc.), academic area (class information, etc.), and a wireless area.