Cyber attacks sure do seem to be on the increase as well as getting more sophisticated. Finding out today that Educause has experienced a security breach motivated me to offer up a post. Is anyone surprised by the attacks being traced back to the Chinese Army? Those of us with systems under attack have known for a long time where most of the serious traffic was coming from. And although we did not have a specific building in Shanghai, we did know that attacks were originating in China. I guess they finally went too far and the Pentagon had to go public with the story. Of course, the official report issued by the security firm Mandiant Technologies could not be ignored, especially after the New York Times hack was made public.
The cyber attacks were not sophisticated direct penetration attacks but instead just very well-done phishing attacks: phishing as in tricking users into allowing their account passwords to be discovered. The White House and many universities in our country, mine included, were heavily targeted by spear-phishing attacks in the fall of 2012. The results of these compromised accounts translated into massive use of our email servers to send out spam email. This turns out to be a very profitable product for the successful hackers. However, the positive outcome from these attacks is that our university is now willing to get far more serious about implementing stronger security measures. Leading the way will be a stronger password change policy. But the real reason for changing passwords is to protect us against the compromises we do not know about.