The University of Virginia says that hackers from China hit its networks over the weekend, forcing the university to take its network offline.
According to the university, the hackers did not access any personal data, such as Social Security numbers or personal health information, of students or staff and faculty. It started with a few software vulnerabilities that the intruders were able to effectively exploit—highlighting the ongoing need to keep systems up to date.
UVA turned to Mandiant to “investigate the nature of the attack and to take corrective action.” The school shut down its network to patch the vulnerabilities on Friday and went back online Sunday.
“The university is in the process of upgrading security systems to further strengthen the security of data and information stored on university resources and to help prevent further cyber-attacks,” said Patrick Hogan, executive vice president and COO of UVA.
US officials believe that hackers working as part of the Chinese military are systematically hacking data-rich targets across the country, as part of their efforts to build a massive database on American citizens—for what purpose, we don’t yet know.
The widely publicized hack of the Office of Personnel Management, the human resources arm for the government and the department that conducts background checks—was likely part of that effort as well. In that attack, personal information for 4 million current and former federal employees was compromised, after a months-long, stealthy data exfiltration campaign.
China has repeatedly denied the allegations.
"Cyber-attacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify," said Zhu Haiquan, spokesman from the Chinese Embassy in Washington DC, during the OPM incident. “Jumping to conclusions and making hypothetical accusations is not responsible and [is] counterproductive.”