Decade-old virus harvests information from college computers

Summary: At the City College of San Francisco, viruses have reportedly harvested personal student data for over a decade.

At the City College of San Francisco, an infestation of viruses has reportedly harvested data for over a decade undetected.

One of the college's computer labs was immediately shut down by CTO David Hotchkiss after one of the viruses was discovered. The virus in question has led to fingers being pointed at China and Russia, because user data has mainly been sent to these countries for an estimated decade. Data has also been sent to other countries, including Iran and the U.S. itself.

Shortly after the Thanksgiving holiday, the college's data security monitoring service, USDN, detected at least seven viruses that activated each day at 10 p.m. This included all facets of the network, from administrative to wireless components.

Authorities have not yet ascertained exactly what information has been stolen, although it is suspected that the data transmitted is primarily personal information and financial data such as credit cards -- affecting all previous users of the computers, from students to staff members.

It is possible that thousands of users have become victims of the virus infestation. According to California state law, these victims must be notified as the investigation takes place.

The virus gained this information by logging keystrokes and recording screen images. It is possible that the malware has spread to other computer systems if users have at any point downloaded data through flash drives, a popular choice among students.

The server containing medical information of students and employees, at least, is apparently virus-free.

Hotchkiss, in a discussion with college trustees, said: "We may never know the full extent of the damage and how many lives have been affected by this. These viruses are shining a light on years of [security] neglect."

The reasons this was able to remain undetected for so long are likely to be the same issues that affect colleges across the world -- inadequate funds, a lack of computer security awareness, and outdated networks unable to cope with constantly evolving malware and cyber attacks.

Hotchkiss is reported to have been appalled at the computer systems when he first began working at the college. An archaic network, outdated technology, 'technophobic' staff and inadequate security measures already ingrained in the college ethos have no doubt played their part in allowing this incredible breach of personal data privacy.

The FBI has been notified and the investigation is expected to take several weeks to ascertain the extent of the infection.

    My question is why would anyone use a publicly accessible computer and input their private information?
    Anthony E
      @Anthony E

      [i]My question is why would anyone use a publicly accessible computer and input their private information?[/i]

      Why else--it's a FREE secure system looked over by expert sysadmins who know how to guard against malware and protect system users.
    The irony in this story is the "lack of funds" argument. This is a college where the supposed best and brightest both teach and are taught. Perhaps they should include ethical hacking as part of their curriculum with their own network as the target. The next course could be in practical security and the students could fix what they found. Sure there are zillions of reasons why this wouldn't work, but then again, what they are currently doing isn't working either.
  • I'm curious as to just what these "viruses" really were

    If this really was decade old malware then even the most basic precautions and/or anti-malware software should have caught it. I doubt this was actually a matter of cost. It's much more likely to be just plain incompetence.
      @cornpie : Apparently true, as Hotchkiss said: "These viruses are shining a light on years of [security] neglect." There is truly no good excuse for neglect; but it does also highlight the fact that sysadmins throughout the world may need jacking up to attain current standards of security.
    • Decade old virus

      I agree, even a 2003 virus signature database will be able to detect the said malware. Even if the guy who maintains the network at that school has not updated the school's AV since 2004 then the malware will still be detected.

      I think there's no one to blame except the sysadmins who are just waiting for their paychecks. Time to check the employment history and background of their IT staff, there's a huge possibility it's internal.
      • you assume too much. assuming that a windows based antivirus could have


        been utilized on the system is not wise.
        if the system is an AIX variant or older, it very well could harbor clandestine software if the sysadmin were not vigilant enough to make sure it doesn't.

  • The mind reels at all of this

    Nothing is apparently safe or off-limits anymore.
  • "City" College of Irony

    Irony: taken from their privacy page (

    [quote]The City College of San Francisco is committed to protecting the privacy and accuracy of your personally identifiable information to the extent possible, subject to provisions of state and federal law.

    The college periodically collects data about traffic to our Website. However, we do not individually identify users. Instead, we collect anonymous data and aggregate the information to determine trends and improve our website.[/quote]

    Yet more proof that Reagan was right: Government is the problem, not the solution.
  • Why is this any surprise?

    I had a college professor that told me there was no such thing as computer viruses..couldn't convince him that his email was poisoning my customers computer..
    a classic case of book smart, reality stupid!
    Really decade old viruses, even AVG would have detected it. A few people should lose their jobs or even the contract if it's a contract situation.
    Anti-virus software is an illusion. I have never removed a virus from a computer that wasn't running symantec, avg, msse or similar. However, I have never had to remove a virus from a computer owned by someone who used common sense security practises.