KSU systems potentially hacked in widespread SolarWinds breach
December 29, 2020
Kent State University is among at least 24 other organizations that are potentially affected by a widespread software hack blamed on Russia, according to a report in the Wall Street Journal (WSJ).
The university was made aware of the breach on Dec. 14.
“At this time, there is no evidence that indicates the hackers used this back door to access the Kent State network,” the university said, in a statement sent out to students, faculty and staff Dec. 23. “Working in conjunction with industry experts, Kent State has taken necessary industry reasonable steps to address further attempts at compromise.”
According to the email, Kent State has taken the necessary steps to address further attempts at compromise and “has not observed further unauthorized access to Kent State systems or sensitive data.” The email also states that the issue did not impact the delivery of classes to students.
The hack so far has targeted more than 40 U.S. government agencies, including the Department of Homeland Security, the Department of the Treasury, the Department of Commerce, the State Department and the National Institutes of Health, according to the Washington Post. Think tanks, nongovernmental organizations and IT companies were also infiltrated, said Brad Smith, president of Microsoft, whose company is helping respond to the hack.
The effects and consequences of the hack are still being assessed, though the Department of Homeland Security’s cybersecurity arm said in a statement last week that the intrusion posed a “grave” risk to government and private networks.
In the Treasury Department’s case, said Sen. Ron Wyden, D-Ore., the breach began in July. But experts believe the overall hacking operation began months earlier when malicious code was slipped into updates to popular software that monitors computer networks of businesses and governments.
The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization’s networks, potentially including Kent State’s, so they could steal information. The malicious code was used as what’s known as a “backdoor,” allowing access to computer networks that used the software. Hackers created the malicious code and added it to a SolarWinds software update.
Secretary of State Mike Pompeo and Attorney General William Barr publicly stated they believe Russia is behind the cyberattack.
Other organizations compromised in the suspected Russian hack include the California Department of State Hospitals, Cisco Systems Inc., Intel Corp., Nvidia Corp. and Belkin International Inc., according to the WSJ article.
One of the world’s largest cybersecurity firms, FireEye, was also hacked, calling the attack “highly sophisticated.” The firm analyzed the software and discovered a small portion of malicious code, which are unwanted files or programs that can cause harm to a computer. Over 18,000 other SolarWind Customers are also at risk, including major tech companies, 400 Fortune 500 companies and many government agencies.
One Cleveland cybersecurity expert told the Plain Dealer Kent State was only collateral damage in the breach but believes the university should be concerned about long-term ramifications.
The Associated Press contributed to this report.
Connor Steffen is a TV2 reporter. Contact him at [email protected].