Slashdot Mirror

← Back to Stories (view on slashdot.org)

Viruses Stole City College of S.F. Data For Years

Posted by Soulskill on from the measuring-failure-in-decades dept.

An anonymous reader sends this quote from an article at the San Francisco Chronicle: "Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called 'an infestation' of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned. At work for more than a decade, the viruses were detected a few days after Thanksgiving, when the college's data security monitoring service detected an unusual pattern of computer traffic, flagging trouble."

21 of 93 comments (clear)

  1. Human failure by Anonymous Coward · · Score: 4, Insightful

    "students and faculty have used college computers to do their banking"

    That's the main problem. Using sensitive data through public locations such as a college computer is not, in any way, safe.

    1. Re:Human failure by betterunixthanunix · · Score: 5, Insightful

      After years of explaining this to people, I have come to the conclusion that no matter what people are going to do it. Simply put, if banks allow people to log in to their accounts from random computers, people are going to do so without any regard for security. It is convenient, and the one thing you can expect people to do is something that is convenient.

      --
      Palm trees and 8
    2. Re:Human failure by hedwards · · Score: 2

      Yeah, that's not something that I ever do. I logged into my email one time from a random computer, but that's the only time. I did change my password shortly thereafter and didn't have any trouble.

      These days what I do is run a virus scan from a write only thumbdrive before I do anything at all on a strange computer. (If anybody is curious, I'm using a kanguru flashblu 2 with a portable antivirurs program and it works just great for that)

    3. Re:Human failure by Anonymous Coward · · Score: 4, Funny

      write only thumbdrive

      That sounds pretty useless

    4. Re:Human failure by Khyber · · Score: 4, Funny

      No! It's a GREAT layer of security! You can't load into memory what you can't read!

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    5. Re:Human failure by tlhIngan · · Score: 3, Informative

      After years of explaining this to people, I have come to the conclusion that no matter what people are going to do it. Simply put, if banks allow people to log in to their accounts from random computers, people are going to do so without any regard for security. It is convenient, and the one thing you can expect people to do is something that is convenient.

      It's called Dancing Pigs. A user will most likely pick convenience over security.

      And any bank that prevents logging in from public computers will be laughed out of business - people expect to be able to bank anywhere and everywhere. Even on their cellphones (they can't wait to go home and do it then...).

      No way around it, unfortunately, and educating the user is a pointless exercise because they'll just go back to their old ways.

      Perhaps if the bank issued them special keypad calculators that could compute transaction hashes (for two-factor authorization) things would help. But no.

      And given banks already use Wish It Was Two-Factor, things won't be improving at all.

  2. Missing details by msobkow · · Score: 2, Interesting

    The article really doesn't clarify whether these are viruses that are detected by anti-virus software on the market, or something novel and malicious that could only be detected recently. However, the tone of the article suggests poor management and an utter lack of protection from assault, rather than some incredibly creative black hats at work:

    Shortly before Hotchkiss arrived at City College, a new firewall was installed. Technicians set it up to block pornography sites, which are notorious for transmitting computer viruses.

    Then faculty began complaining to Hotchkiss that students needed access to porn sites. For research.

    Eventually, given examples of the academic necessity, Hotchkiss had to remove the porn block.

    I can see the need for some sociology or psychology students to access porn, but only a very few on very specific projects. Methinks some faculty spanking material was the greater concern than student access to "research data" which could have been addressed by granting specific machines a bypass in the firewall configurations.

    --
    I do not fail; I succeed at finding out what does not work.
    1. Re:Missing details by PseudonymousBraveguy · · Score: 2

      I can see the need for some sociology or psychology students to access porn, but only a very few on very specific projects. Methinks some faculty spanking material was the greater concern than student access to "research data" which could have been addressed by granting specific machines a bypass in the firewall configurations.

      Methinks the porn blocker was probably overzealous*, and blocked way to much.

      * In general, those blockers come in two variations: The overzealous type, which gets in the way of normal usage, or the useless type, that blocks next to nothing.

    2. Re:Missing details by Anonymous Coward · · Score: 4, Informative

      I don't know WTF porn sites you guys are visiting, but there are PLENTY of them out there that have no popups, no viruses, and fewer ads than MSNBC. Serioiusly. Porn sites with viruses are NOT porn sites. They are VIRUS sites that use porn to attract virus clickers. Did you learn nothing from Anna Kournikova?

    3. Re:Missing details by Corbets · · Score: 3, Funny

      Damn good point. I've never caught a virus from a porn site in 20+ years.

      In fact, they've only fired the anti-virus on REGULAR sites that had drive-by malware ad-banners hosted by GOOGLE of all places!

      In fact, porn has probably helped me not catch many a virus from the local gentleman's establishment...

  3. Since 1999? by Anonymous Coward · · Score: 3, Insightful

    Article says they've had viruses lurking since 1999. What kind of network could possibly contain equipment that old? Also, not exactly a detailed story we've got there.

    1. Re:Since 1999? by FoolishOwl · · Score: 4, Insightful

      A network that is heavily used by a chronically underfunded institution -- that's what kind.

  4. Not surprising by Niris · · Score: 3, Funny

    From what I've seen community college IT Tends to be pretty horrible. One of them out here had a server password of "password" and remoting on. Others tend to use a generic password on everything such as Mascot1 or gomascot1

    1. Re:Not surprising by FFOMelchior · · Score: 2, Informative

      From what I've seen community college IT Tends to be pretty horrible. One of them out here had a server password of "password" and remoting on. Others tend to use a generic password on everything such as Mascot1 or gomascot1

      IT Dunce A: Crap! Someone out there knows our password "gomascot1"!
      IT Dunce B: No worries, I'll go ahead and change it to "gotigers1".
      IT Dunce A: Phew!

  5. CS Dept by Mannfred · · Score: 3, Interesting

    FTA: "It's likely that personal computers belonging to anyone who used a flash drive during the past decade to carry information home were also affected." The college has a CS department providing courses for "seasoned IT professionals" (as per ccsf.edu) and nobody notices viruses on their flash drives (etc) over the past 10 years? Unlikely.

    1. Re:CS Dept by FoolishOwl · · Score: 2

      It depends upon which classes you take, of course. CCSF has a couple of smaller labs used by CS and CNIT students. The big computer labs seemed to be used primarily by students watching movies, secondarily by students writing essays or doing other sorts of homework.

      I have to admit that one time, after using a flash drive on a Windows PC in the main computer lab at CCSF, and later using that flash drive on a Linux box, I noticed there was some sort of malware on my flash drive that would autoexecute on a Windows system. I wiped my flash drive, and I think I told one of the attendants at the lab about it, but I can't remember if I did. At the time, I thought of it as just an inevitable, but trivial, annoyance from using a busy shared computer lab with Windows PCs.

    2. Re:CS Dept by ArundelCastle · · Score: 3, Interesting

      The college has a CS department providing courses for "seasoned IT professionals" (as per ccsf.edu) and nobody notices viruses on their flash drives (etc) over the past 10 years? Unlikely.

      I don't think we're talking about the era of Stoned on a boot sector anymore. If this is a decade of organised crime, it's going to be a bit more sophisticated.

      You might want to check out Stuxnet before you presume any amount of caution or aptitude can so easily subvert a sufficiently developed worm. Whatever someone might think about how people "over there" do things, I feel it's a safe assumption that the professionals working at a middle-east nuclear plant would also be qualified to work at a San Francisco college.

  6. Correction by dtmos · · Score: 3, Insightful

    when the college's data security monitoring service finally detected an unusual pattern of computer traffic. . .

    FTFY.

  7. Re:Firewall from the inside. Erase after. by msobkow · · Score: 2

    No, I'd suggest loading a VM for surfing questionable sites, and nuking it after you're done.

    --
    I do not fail; I succeed at finding out what does not work.
  8. Re:CS Degrees @ UCSF = NO JOBS FOR BS! by NivenHuH · · Score: 2

    UCSF doesn't even teach computer science; UCSF is a medical school.

    The article is about CCSF (a community college).

    --
    Just when you make it idiotproof, some idiot builds a better idiot.
  9. Try blocking breast cancer research as breast by Joe_Dragon · · Score: 2

    In a school / research area porn blocker just end block stuff like breast cancer research and other stuff Even more so in a med lab.