An Attack on the College of Engineering: A Sobering Warning to the Rest of Us

Posted: June 30, 2015

On May 15th officials at Penn State revealed that the College of Engineering has been the target of two sophisticated cyberattacks. These intrusions were not the work of the stereotypical TV and movie hackers in dark basements but rather by “well-funded and highly skilled cybercriminals” based in China. The lessons learned by our colleagues across campus will help the College of Ag Sciences, as well as the rest of the University, to better protect our data, our research, our clientele and our employees from a similar event.

We have seen in the news over and over again that hackers have broken into networks and stolen sensitive information – credit card information from Target, corporate information as in the Sony pictures hack, personal identity information during the federal breaches and healthcare information from the Anthem attack.  We do not need to tune in to national news to see that academic research information and personal identities are targets for cybercriminals – we have seen it right here at Penn State.

President Baron’s message to the University on May 15th made clear that in the coming months significant changes in IT security protocols will be rolled out across the University.  We will be implementing these changes in the College of Ag as they are recommended – and have already taken steps to fortify the perimeter.  Many of us believe that as a land-grant university our job is to share research and information – and that is true.  We must adjust our thinking to include sharing appropriate information – we must share our best practices without sharing our contractually secure information, our business information or our personal information.  The same password that opens your PASS data share also opens ESSIC – your salary information, benefits choices and other confidential, personal data.

As the University rolls out changes, and the College implements them, we will be asking for your understanding and cooperation.  As Provost Jones said in the June 2 Town Hall meeting, “…vital that we change our security posture as an institution…”  There will certainly be different ways of doing things, and likely the new ways will be more complicated or slower than what we have become accustomed to doing today.  Please feel free to talk with us – we may not be able to change the policy or procedure, but we will help you understand why the changes are being made and what benefits we gain from them.