Slashdot Mirror

← Back to Stories (view on slashdot.org)

Penn State Yanks Engineering Network From Internet After China-Based Attack

Posted by Soulskill on from the another-day-another-breach dept.

coondoggie writes: Penn State's College of Engineering has disconnected its network from the Internet in response to two sophisticated cyberattacks – one from a what the university called a "threat actor based in China" – in an attempt to recover all infected systems. The university said there was no indication that research data or personal information was stolen in the attacks, though usernames and passwords had been compromised.

44 of 101 comments (clear)

  1. A logical response by Anonymous Coward · · Score: 2, Insightful

    There are Chinese nationals at Penn State and every other university in America, displacing our own people. Why don't we start revoking student VISAs as a response?

    1. Re:A logical response by Anonymous Coward · · Score: 5, Funny

      Yeah, and they'll switch to Mastercards. Great plan.

      Wait, what? :)

    2. Re:A logical response by epyT-R · · Score: 2, Insightful

      Because the radical left on campuses would say that's racist and 'anti-social.'

    3. Re:A logical response by Anonymous Coward · · Score: 1, Insightful

      Because that would create a major diplomatic incident over something that you have no evidence involves any State players. Just because the attack is based in China does not imply that China was behind the attack.

    4. Re:A logical response by Anonymous Coward · · Score: 5, Insightful

      Because Microsoft would lose all their new H-1B employees.

    5. Re:A logical response by Anonymous Coward · · Score: 1

      Want to know how I know you don't know anything about international relations? First clue is you are talking out your ass.

    6. Re:A logical response by ShanghaiBill · · Score: 3, Insightful

      Because the radical left on campuses would say that's racist and 'anti-social.'

      And the left would be right.

    7. Re:A logical response by Virtucon · · Score: 1

      bullshit.

      --
      Harrison's Postulate - "For every action there is an equal and opposite criticism"
    8. Re:A logical response by ShanghaiBill · · Score: 2

      Why don't we start revoking student VISAs as a response?

      Yes, that is so much better than implementing decent security and salting passwords.

    9. Re:A logical response by Feral+Nerd · · Score: 3, Insightful

      There are Chinese nationals at Penn State and every other university in America, displacing our own people. Why don't we start revoking student VISAs as a response?

      Because the radical left on campuses would say that's racist and 'anti-social.'

      Here's a thought... perhaps we should stop this xenophobic whining and retaliate against the culprits rather than applying a shotgun remedy like revoking the student visas of every Chinese person in sight regardless of whether they were involved in these attacks or not? The "drop a 2000lb bomb on it" approach may be intensely satisfying, especially to the political right. However, it causes collateral damage, it is therefore inelegant and it reeks of stupidity and desperation. Just play the old eye for an eye and tooth for a tooth game. If the Chinese can set up 'cyber warfare' units and think they can attack the USA with impunity in times of peace without it being an act of war then surely they will not complain if the USA uses the 'cyber warfare' branch of it's military to launch attacks inside China against the assholes who are doing this? ... and if they do complain about being hoisted by their own petard then they'll just look pathetic. The USA does have a credible 'cyber warfare' capability does it not?

    10. Re:A logical response by Anonymous Coward · · Score: 1

      Considering that the Penn State College of Engineering has a research partnership with the U.S. Navy, state-sponsored espionage is a reasonable working assumption until an investigation proves otherwise (much like suicides are investigated as homicides, until proven otherwise).

    11. Re:A logical response by Dutch+Gun · · Score: 1

      We should probably make a distinction between cyber "attacks" and cyber "thefts". This appears to be of the latter variety, although of course no details were given. Ransom-ware or Stuxnet would better be classified as an "attack". No doubt the government would like any military or political intelligence they can get, and I'm sure they're working to that end already.

      One problem (among many) with equivalent retaliation is that we have a lot more worth stealing then they do. There's less of an incentive in launching cyber thefts against a country that we already have a significant advantage of in terms of intellectual property, at least if the goal isn't simply to disrupt internal systems... and I don't think we want to go there.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    12. Re:A logical response by Anonymous Coward · · Score: 1

      If the librarians were breaking the law and committing blackmail to protect a child rapist, then yes you could blame them. The President of the university and the Athletic Director were convicted for breaking the law to protect a child rapist. They were notified about the rapes, but instead of putting a stop to it, they protected the rapist so he could continue to rape and rape and rape. Your analogy is bad.

      And, why would Microsoft associate themselves with an organization that is from the top pro-child rape?

    13. Re:A logical response by mattventura · · Score: 1

      No, discrimination based on country of citizenship isn't any more racist than something like an embargo. Can it be racially motivated? Yes, but because any such blanket ban does not consider race, it cannot be racist.

    14. Re:A logical response by Anonymous Coward · · Score: 1

      > wasn't even an employee of Penn State during his crimes

      He was there from 1963 to 1966 then from 1969 to late 2011 when he was finally banned. That's 47 years that he was on campus. He was either a student-rapist or coach-rapist for all but the last few of those years. He most certainly did rape children when he was there. The Second Mile was founded in 1977 to provide that Penn State employee access to boys to rape. 1977! You can't argue with the timeline that convicted him in court. Why are you still defending a child rapist? Why would anyone do that unless they were one.

    15. Re:A logical response by rtb61 · · Score: 1

      Stop making bullshit claims for a start. Got a complaint, prove it in court and then apply a fiscal trade penalty by confiscating assets from foreign business located locally and placing the onus upon them to recover the money from their government. Considering the behaviour of the NSA the rest of the world could logically claim something in the order of a couple of hundreds billion dollars of economic damages. Oh, yeah and the US can also try doing it to the rest of the world.

      Stop with the bullshit, got a complaint, prove it in international court otherwise shut the fuck up, we don't believe you any more, not for anything. Talk about the boy that cried wolf and the US government and their idiotic solution to this problem, spend more money on telling more lies and force vassal states to comply with the propaganda effort under threat of hostile espionage activity, political destabilisation, economic attacks and even military over throw.

      --
      Chaos - everything, everywhere, everywhen
    16. Re:A logical response by dywolf · · Score: 1

      no, it would have more to do with it being effectively a conviction and punishment without due process let alone accusation.

      I'm beginning to think you are having a stroke, your lack of context and knowledge of definitions is so striking.

      that or you just suffer from diarrhea of the mouth, issuing random phrases you heard once.

      --
      The guy who said the election was rigged won the presidency with the second-most votes.
  2. Just block China already. by andydread · · Score: 2

    To reduce the susceptibility to these attacks engineering/research institutions and corporations should just block originating source IP blocks from China. It may not reduce all such attacks but it should help

    1. Re:Just block China already. by Virtucon · · Score: 3, Insightful

      So protecting your data and your intellectual property is racist? That's a new play on the race card. It's not about blocking the Chinese people from accessing information, shit their own government does a pretty good job of that already. It's about blocking concerted, direct espionage against US companies, educational institutions and the government. It's not some pimple faced teenager trying to break in for fun, it's about the theft of our technology. Sure, technology leaks and history is replete with examples but this wholesale theft needs to be curtailed and if necessary start blocking IP address ranges; better yet we need a great firewall of China for traffic going to/from China.

      --
      Harrison's Postulate - "For every action there is an equal and opposite criticism"
    2. Re:Just block China already. by Cramer · · Score: 1

      Personally, I do something very similar... every address block assigned to APNIC. Yes, it's a shotgun approach, but it's surprisingly effective. HOWEVER, it's not something that can be done by everyone; it works for me because I have no need to talk to anything in Asia. That won't work for my employer as they have offices all over the world -- including Asia, and all of our manufacturing is done by companies in Asia.

    3. Re:Just block China already. by khallow · · Score: 1

      The reality being that most of China has no knowledge or approval of these things, and punishing them is silly. And the hypocrisy is that there are plenty of US agents engaging in espionage.

      That's good. I'd hate to be punished for all the stuff my government is doing supposedly in my name.

  3. Passwords were compromised? by kdub007 · · Score: 1

    Were they in clear text somewhere? If so, then they deserved to be hacked.

    --
    The correct answer is 42.
    1. Re:Passwords were compromised? by aitala · · Score: 1

      No.

      --
      Eric Aitala
      www.f1m.com
    2. Re:Passwords were compromised? by MooseTick · · Score: 1

      Ever heard of john the ripper and the 50 other password crackers that are free to download?

      --
      Ninjas don't carry tic tacs
    3. Re:Passwords were compromised? by radarskiy · · Score: 2

      Or maybe use use of "compromised" comes from a responsible adult to mean that "a copy of the salted and encrypted db has been made which they could possibly brute-force before the heat-death of the universe so we should go ahead and replace all entries now".

  4. A Message from The President of Penn State by Sir_Eptishous · · Score: 2
    First off, is this hyperbole?

    Moving forward, we all will need to take additional steps to protect ourselves, our identities and our information from a new global wave of cybercrime and cyberespionage.

    Second, and most importantly, how long until the US and China "come in from the cold" and enter an actual hot war(with the way events are unfolding in the South China Sea, and this cold war that has been going on for the last 15 years)?

    --
    We play the game with the bravery of being out of range
    1. Re:A Message from The President of Penn State by Fire_Wraith · · Score: 1

      I'd say it's not really a 'new wave', though it's certainly 'new' to the people who haven't really been involved in the network security field.

      As to the odds of a shooting war in East Asia, my hope is that there is too much money and profit involved for anything to really get out of hand. That said, what concerns me is the possibility that the Chinese government will rely increasingly on nationalism to shore up its domestic popular support as the double-digit growth years become a thing of the past. This is the sort of thing that can easily get out of control, to the point that otherwise sensible leaders will make risky or bad choices, such as escalating a conflict that can erupt into war, when they think the alternative is worse (appearing weak in front of the people and losing power).

  5. Penn should hire Hillary's cybersecurity people by drnb · · Score: 1, Informative

    What do you say of the cybersecurity surrounding Hillary Clinton?

    It sounds like Penn should hire Hillary Clinton's cybersecurity people. There is absolutely no evidence at all that her basement mail server was ever hacked.

    1. Re:Penn should hire Hillary's cybersecurity people by bobbied · · Score: 4, Insightful

      What do you say of the cybersecurity surrounding Hillary Clinton?

      It sounds like Penn should hire Hillary Clinton's cybersecurity people. There is absolutely no evidence at all that her basement mail server was ever hacked.

      Of course there is no evidence.... She literally erased EVERYTHING on the server. Oh sure, she had some e-mails printed, but the server, and the E-mail supposedly on it where erased before anybody had a chance to look. All we really have is her word that it never was hacked, not that she'd know if it was anyway.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:Penn should hire Hillary's cybersecurity people by epyT-R · · Score: 1

      Still doesn't align well with the 'transparent government' push. Come on, as a public official you shouldn't be using private servers for official communications.

  6. Re:As long as the Republicans continue to rule... by Jawnn · · Score: 2

    What do you say of the cybersecurity surrounding Hillary Clinton? The real solution is to elect a rock ribbed conservative to the Presidency like Ted Cruz who won't be squeamish about bustin' some heads.

    You don't have any idea how moronic that sounds, do you?

  7. Re:As long as the Republicans continue to rule... by jfdavis668 · · Score: 2

    I thought the President was a Democrat. When did he stop ruling?

  8. There is no evidense at all by Anonymous Coward · · Score: 1

    In a manner of saying. There is no evidence at all. The Clinton Crime family scrubbed the machine, yoga emails and all. My guess is Vlad and Xi have read every detail.

  9. Bad PR angle by Tablizer · · Score: 1

    "We will prepare your children for the future by hiding in caves."

    --
    Table-ized A.I.
  10. And this is why you monitor your traffic by CSG_SurferDude · · Score: 1

    Without knowing any of the gory details, I have to wonder if this could have been caught by the network team monitoring and characterizing the inbound/outbound traffic and watching for anomalies.

    --

    LongTail SSH Brute Force analysis tool is here!

    1. Re:And this is why you monitor your traffic by Fire_Wraith · · Score: 1

      I'd be curious to know what sort of network monitoring team they have - if any. My impression is that most universities don't tend to think of themselves as a target, and thus this tends to be a function that network admins conduct rather than having dedicated network security personnel and IDS/IPS/etc suites the way you would likely see in a corporation or government entity.

  11. WE ARE by jfdavis668 · · Score: 1

    PENN STATE!

  12. Re:As long as the Republicans continue to rule... by Duhavid · · Score: 2

    I thought the president was elected? When did we stop ruling?

    --
    emt 377 emt 4
  13. Where did other attack come from? by fullback · · Score: 1

    The Penn State announcement doesn't mention China at all. The other says an unnamed source said one of the two sources was China. Where was the other?

    Other countries are doing exactly what the NSA does. The NSA does the same thing, forwarding technology information and foreign business strategies to US companies by hacking communications through ECHELON, tapping into privately owned infrastructure cables, keylogging and tapping phones at sources.

    But that's OK because it's "us" and not "them."

  14. Re:As long as the Republicans continue to rule... by Anonymous Coward · · Score: 1

    these things will just keep happening. They just don't get security, and they actually like it when the average person gets hurt by a communist. It gives them more of an excuse to go on another one of their constant murder rampages. That is the way of their kind. They are encouraging this to happen.

    Talk about rank partisan stupidity... normalizing relations with China was a good move overall. They are no longer a communist country, though the communist party is still in control, they are gradually relinquishing control as their quality of living overall improves. The US on the other hand was controlled exclusively by the Democrats for 2 years, and a Democrat majority (Senate and Presidency, only lacking the House) for 4 more years, rounding out to 6 years out of the last 7 being dominated by the Democrats. So if you don't like our current policies towards China, maybe you should stop blindly voting, pull your head out of your ass, learn the issues and then vote for and support candidates based on what they believe instead of whether they have a (D) or (R) next to their name...

    And yes, most cyber attacks come out of relatively few countries, and in the case of China, all of it is state sponsored. Don't like it? Elect representatives that will stop spending money like drunken sailors, enact reflective trade policies with China (neutralize the artificial advantage we have been allowing China to have) and balance our budget. Once we don't have to rely on China buying our debt, we can work with other free nations to have a protective treaty that cuts off global internet access for ascending weeks if they engage in cyber warfare or espionage (or if we have pretty good evidence that they did). It is a cost/benefit balance with China, they will stop doing it if there is a cost greater than the benefit.

  15. Oxymoron by PocketPick · · Score: 1

    The university said there was no indication that research data or personal information was stolen in the attacks, though usernames and passwords had been compromised.

    Because you know...who would consider passwords to be personal information...

  16. Penn State disconnected network? by nickweller · · Score: 1

    'Penn State's College of Engineering has disconnected its network from the Internet in response to two sophisticated cyberattacks – one from a what the university called a "threat actor based in China"'

    What was the nature of the attack, what Operating System does Penn State run on?

  17. Happened at Rutgers, too by Anonymous Coward · · Score: 1

    A friend of mine at Rutgers complained that attacks resulted in Rutgers being cut off from the Internet in recent weeks.

  18. Re: Penn should hire Hillary's cybersecurity peopl by bobbied · · Score: 1

    Okay, so a Republican controlled congress failed to seize the server before it was wiped clean. I wouldn't go around making a big deal about this if I were a Republican. It may come back to bite you when the presidential election rolls around.

    When the election rolls around? Uh, I think it's hear now and we have nearly 2 years of campaigning in our future... Heaven help us... Hillary won't be materially harmed by this, by the time she actually starts campaigning it will be old news but thinking the republicans will be harmed by this somehow is nuts... Unless of course they over play the card... But that's a self inflected "unforced error" kind of thing and if the democrats are hoping for that, it's going to go badly for them and they know it.

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101