This morning, Carnegie Mellon University was subject to a severe phishing attack, TEISS has found. The attempt comes at a time when Google docs related phishing attack almost crippled Google Mail yesterday. CMU is one of the best known universities in the world but we don’t yet know if the attack was aimed at all the campuses of the university which are spread across several continents and has as many as 14,000 registered students.
‘It literally hit everything! Students and staff. But our IT sent out an an email almost as soon as it happened- telling everyone to not open those emails. I got like 10 within 30 minutes. Crazy!’ said Alison Day, Foreign Student & Scholar Advisor.
News of the attack doesn’t come as a surprise as the recently released Verizon Data Breach Report predicted that the three sectors to come under most cyber attacks this year will be finance, healthcare and education. While the first two make sense because cyber criminals would want to make off with financial or health data as they are most valuable, but when TEISS spoke to Dave Hylander, senior risk analyst, Verizon and co-author of the report, the reason for universities being targeted came into sharp focus. Hylander said: ‘Most universities have a direct line to the government- carrying out research for them. They also are sometimes funded by them. Breaking into a government’s website or repository can be very difficult. So universities are targeted to act as vehicles so criminals can get to the government via them.’
And the large-scale attack on Carnegie Mellon University fits into the overall masterplan too! Day continued: ‘ CMU has tons of governmental contracts, and works on highly sensitive stuff – so our IT team is on top of everything. As far as I have heard, our IT team caught it in time. Because we get hit A LOT with these types of phishing attacks, so everyone (even our students) kind of know better than to click on the link.’
Caught or not, reports of the attack will cause concern for Carnegie Mellon. The University is ranked 23rd in the world according to Times Higher Education and specialises in cyber security amongst other subjects. In fact, in 2015, Carnegie Mellon University was ranked The Best Information Technology School in the United States.
Overall, CMU has more than 14,000 students and 1,500 members of staff. You only need one person to click on a spurious attachment for the whole system to suffer a breach.