Viruses may have been stealing valuable information

Jan 14, 2012 11:55 GMT

San Francisco City College staff members noticed that the computers in a lab in Cloud Hall on the Phelan Avenue campus were infected with a computer virus. A thorough investigation revealed that the institution’s networks were plagued with malicious software from more than a decade ago.

Originating from countries such as Russia, Iran, the US and China, the malware had been harvesting all sorts of sensitive information and sending it back to the masterminds who controlled the viruses, the San Francisco Chronicle reports.

City College’s CTO David Hotchkiss shut down the first lab that was found to be infected, but he soon realized that the problem was much more serious than initially believed, with some of the threats having been present since 1999.

“We may never know the full extent of the damage, and how many lives have been affected by this. These viruses are shining a light on years of [security] neglect,” Hotchkiss said.

While some of the data collected by the malicious software was unimportant, such as lesson plans, other information that the viruses could have accessed was sensitive, such as banking information.

To remain undetected, at least seven viruses became active only at night, after 10 PM, sending all the information they could find on desktop computers and servers back to the cybercriminals who controlled them.

Since November 28, 723 IP addresses traced back to the notorious cybercriminal gang known as the Russian Business Network have been identified.

Hotchkiss was appointed CTO at City College about one and a half years ago, and he has been trying to secure its infrastructure ever since. He claims that a lot of things need to be improved, not just in the infrastructure, but also in the way cyber security is perceived.

Unfortunately, due to the size of the computer network and its old, insecure design, the task is more challenging than anyone could imagine.