University officials have confirmed two security breaches of computer systems on campus last week and have begun an investigation with the FBI that points to hackers overseas.
The university and the Information Technology Center officially confirmed Jan. 2 that breaches occurred in November and December 2006 that have affected services with the Arizona Student Unions, the University Library and the university Procurement and Contracting Services, said Johnny Cruz, director of media relations for the UA.
Internet Protocol, or IP, addresses from hackers detected on university systems were used to begin a criminal investigation that now points overseas. The University of Arizona Police Department is leading the investigation and contacted the FBI for assistance, he said.
“”The FBI is often involved when cases deal with foreign suspects,”” said Sgt. Eugene Mejia, UAPD spokesman. “”They can contact appropriate foreign law enforcement.””
A more specific location from the IP addresses of the hackers is known by officials, but the investigation is still pending and the information has not yet been released, said Michele Norin, executive director of Center for Computing and Information Technology.
The security breach shut down PACS and library services for several days, Norin said. This was a security method to prevent further breach.
At this point, there is no indication that any records were stolen, Cruz said.
But the university is still experiencing problems because of the hackers’ damage. University services, including Interlibrary Loans, Ask a Librarian services and laptop checkouts, are still unavailable, in addition to seven PACS services, according to a status report from Provost George Davis.
Payroll processing and the UA Meal Plan were temporarily shut down but are now available again, Davis said.
“”Since school starts this week, we are trying to get the library fully functional first, then PACS will be the next focus,”” Norin said.
The security breach was discovered through a malfunctioning program in UA Financial Services, Norin said. The CCIT was contacted to investigate the malfunction and found evidence that hackers had been in the computer system, she said.
The hackers installed programs that store files from the system, such as movies, Norin said.
“”Now we need to look at what we can learn and what we need to do in the future,”” she said.
This could include new monitoring devices and new software, Norin said.
The hackers often find a weakness with a single computer and get into the system through that connection, Norin said.
“”We have to deal with many, many people attempting to break into our system every day,”” Cruz said. “”This is something that all large databases have to watch for.””