Univ. of Maryland victim of another cyber attack

(WJLA) -- The University of Maryland has been the victim of another cyber attack.

Anne G. Wylie, UMD's interim vice-president and chair of the president's newly-formed task force on cybersecurity, sent a letter to faculty Thursday reporting that a "cyber intrusion into the university's network" was detected this past Saturday morning, March 15.

Wylie said the intrusion was detected and abated quickly.

"Within 36 hours, the FBI, U.S. Secret Service and the university's police department, working with the university's IT security staff, successfully mitigated the intrusion," Wylie's letter read. "We thank these organizations for their expeditious and effective actions."

Wylie said the FBI informed the university that the breach accessed the personal information of only one individual, reported to be "a senior university official," and that the individual has been notified.

In response to the breach, Wylie said a number of university websites were taken offline over the weekend, and are in the process of being transferred to a different web host "to provide additional levels of security."

Wylie said the university had already begun that process prior to March 15, in response to the previously reported massive data breach that took place on Feb. 18.

"The move will be completed shortly," Wylie said.

Additionally, in response to the more massive breach at UMD last month, Wylie said the university is taking a number of measures to ensure the university will not fall victim to any further breaches.

"The fight against cyber-attacks requires unrelenting effort," she said.

Wylie's letter said the president's task force on cybersecurity, formed a few weeks ago, is actively working on the following areas:

- Evaluating cybersecurity consulting firms that can assist in strengthening UMD's intrusion prevention and conducting penetration testing.

- Identifying sensitive information in university databases to determine whether they are needed and how to better isolate them. All sensitive records in the breached database that are no longer required have been removed.

- Examining national cybersecurity policies, procedures and best practices to establish an appropriate balance between centralized security and broad access on UMD networks.

- Concurrently, the university's IT staff, with the support of outside consultants, are working almost non-stop "to better protect the vast information systems in UMD's networks that are accessible to students, faculty, staff, and others."

Furthermore, Wylie reported that, In the past month, the university has:

- Closed the pathways utilized in both the Feb. 18 and March 15 intrusions.

- Changed passwords for all databases and applications.

- Conducted an initial audit to detect vulnerabilities in individual websites within web hosting environments.

- Accelerated plans to migrate web hosting to a more secure environment.

In the coming days and weeks, Wylie said UMD will announce additional security measures as well.

Wylie added that it does not appear as though the Feb. 18 and March 15 data breaches are related.