The February 2023 issue of IEEE Spectrum is here!

Close bar

College Campus Network Still Infected by a Computer Virus from 1999

Administrative, instructional and wireless networks all infected by as many as seven viruses

2 min read
College Campus Network Still Infected by a Computer Virus from 1999

There was an under-reported IT security story this past week that caught my eye involving the City College of San Francisco (CCSF). Back in November, a keystroke logger virus, among others, was discovered in its computer systems. By itself, this would not be major news, because college campuses are ripe hacking targets for a variety of reasons.

However, according to a story in the San Francisco Chronicle, one of the seven viruses had resided in the system undetected for longer than a decade! The oldest virus is thought to date to 1999. 

As of Friday, the viruses were still active. The Chronicle says that CCSF administrators are telling students and employees to "…change computer passwords, avoid using school computers for banking or purchases, and to check home computers for viruses" since the viruses have, the college's Chief Technology Officer warned, infected servers and desktops "…across administrative, instructional and wireless networks."

CCSF has about 100,000 students attending it every year, and 3,000 employees. Anyone downloading information onto a flash drive from CCSF's computer networks could have also unwittingly downloaded one of the viruses and potentially infected any computer the drive was connected to.

An AP story about the incident noted that every day at 10:00 PM, the virus would start trolling the college's networks looking for data to send overseas. That would make it morning in Eastern Europe and afternoon in Asia where the college says the suspected hackers reside.

The AP quotes John Rizzo, president of the college’s Board of Trustees as saying that:

"We don’t know the extent to which data was captured. We don’t know if individuals were affected, if they had data stolen that has affected them. But the potential is there."

Mr. Rizzo also indicated that it may take several weeks to fully understand the extent of the infection, and likely much longer to create a truly secure IT environment again. The SF Chronicle reports that the college's vice chancellor for finance "... defended the college's past efforts at virus protection, saying the school had two firewalls." It went on to quote him as saying:

"In spite of that, bad guys keep trying to get ahead of the good guys. And in this case they did."

Yeah, by about 10 years.

The Conversation (0)

How Police Exploited the Capitol Riot’s Digital Records

Forensic technology is powerful, but is it worth the privacy trade-offs?

11 min read
 Illustration of the silhouette of a person with upraised arm holding a cellphone in front of the U.S. Capitol building. Superimposed on the head is a green matrix, which represents data points used for facial recognition
Gabriel Zimmer

The group of well-dressed young men who gathered on the outskirts of Baltimore on the night of 5 January 2021 hardly looked like extremists. But the next day, prosecutors allege, they would all breach the United States Capitol during the deadly insurrection. Several would loot and destroy media equipment, and one would assault a policeman.

No strangers to protest, the men, members of the America First movement, diligently donned masks to obscure their faces. None boasted of their exploits on social media, and none of their friends or family would come forward to denounce them. But on 5 January, they made one piping hot, family-size mistake: They shared a pizza.

Keep Reading ↓Show less