Decade-Long Virus Infection Discovered

College Vows Updated Security in Wake of Breach
Decade-Long Virus Infection Discovered
Recently discovered viruses, consisting of Trojans and other malware, at City College of San Francisco have stolen personal banking information and other data from perhaps tens of thousands of students, faculty and administrators, says John Rizzo, president of the board of trustees.

See Also: Defense Strategies for Advanced Threats: Breaking the Cyber Kill Chain with SANS 20 Critical Security Controls

The college first noticed the infection in late November, when the IT department saw gaps in the data logs of a server located in the Phelan Avenue campus computer lab. Further investigation revealed that the viruses had existed in the college's systems since 1999, Rizzo confirms.

During the investigation, the college's IT department saw transmissions being sent to Russia and China, as well as other countries, Rizzo says.

The college has 100,000 students and 3,000 employees. So far, there's been one confirmed instance of personal banking information recorded by a virus, he says. "We're looking at the ... central database to see if anything was taken from there," he adds.

Upon learning of the breach, the college closed off the infected computer lab and took the server offline that had been transmitting the data overseas. The college community was notified by e-mail on Friday, Jan. 13, Rizzo says.

Corrective Action

As a result of the breach, the college has taken multiple steps, including eradicating the infections and reviewing all computer equipment. Rizzo says City College has also:

  • Reconfigured the campus firewalls;
  • Changed and strengthened the passwords on all of the servers;
  • Made preparations to install new security hardware;
  • Taken steps to update and establish new procedures for the school to follow when it comes to using the college's computers and network;
  • Begun planning for a reconfiguration of the network, isolating it into three separate areas: an administrative area (to house records, etc.), academic area (class information, etc.), and a wireless area.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network