University presidents must take 'measured' approach to social media and technology
May 26, 2017
In a changing world, technology also offers new opportunities for campus leaders, according to Deloitte and Georgia Tech study.
Intelligence firm "shocked by the sheer volume of unauthorized access that this particular hacker was able to accomplish."
Chris Bing is a staff reporter for EdScoop's sister publication CyberScoop who reports on cybersecurity and related national technology policy news...
A Russian-speaking hacker has compromised and is now offering access to databases that belong to numerous U.S. universities and federal, state and local government agencies, according to new research published Wednesday by cyberthreat intelligence firm Recorded Future.
Over the last several months the hacker — dubbed Rasputin by cybersecurity experts — had breached a total of 60 prominent universities and federal, state and local U.S. government agencies, according to a Recorded Future blog post.
"The scale and breadth of this [incident] was kind of amazing. We were shocked by the sheer volume of unauthorized access that this particular hacker was able to accomplish in essentially less than a two month period,” Recorded Future Vice President Levi Gundert told EdScoop's sister publication CyberScoop.
Recorded Future said it identified the following U.S. universities as victims of the breach, and had notified them:
Nine UK universities, including Cambridge and Oxford universities had also been breached.
Rasputin, researchers say, relies on a custom-made internet scanning tool to find websites that carry SQLi injection vulnerabilities — which allows the hacker to remotely inject code into the property to authorize commands.
"SQL injection has been around since databases first appeared on the internet. When a user is allowed to interact directly with a database, through an application in a web browser, without checking or sanitizing the input before the database executes the instruction(s), a SQL injection vulnerability exists," Gundert explained in the blog post.
“North American and Western European databases contain information on customers or users that are historically valued at a premium in the underground economy. Buyer demand typically centers on access to American, Canadian, or UK database access,” he said.
The intelligence firm said U.S. Department of Housing and Urban Development, the Health Resources and Services Administration and the National Oceanic and Atmospheric Administration had also been identified as victims of the breach.
Read more at CyberScoop.
Wyatt Kash contributed to this report.