It has come to
our attention that many of our campus users are not performing Windows
Updates on their computers. Additionally, there are reports
of weak passwords and antivirus software
that is missing or not updated.
Over fifty computers
on campus have been compromised recently. In each instance, the owner
lost use of the computer for time periods ranging from 1 day to 2
weeks, due to the fact that these infected computers must be reinstalled
from scratch! A few of these systems are located in departments on
campus that handle student information and sensitive data on a daily
basis.
The “hacker” groups
that took over these systems scanned our entire network looking for
more vulnerable systems to attack. It is very possible at this point
that they have infected many more systems and will “activate” the
remote software they have installed at a future point in time. At
that point, hundreds of unauthorized individuals will be gaining unauthorized
access to Georgia State University systems and data. These computers,
like the first fifty victim systems, will be used to transfer and
store illegal copyright files and in attacking external networks.
Please alert everyone
in your department and ask them to run “Windows Updates” on their
systems at work and at home. Your Windows 2000 and XP systems at home
that you utilize to connect to the internet and campus VPN are also
susceptible to being compromised if these updates are not applied.
One compromised
laptop brought in from home can result in hundreds of Georgia State
University computers becoming infected with the remote control programs
that these hackers are installing!