By now, it’s household knowledge that some companies that went on to fame and greatness were founded by the so-called “geeky” kids during their early years. The founding of Apple computers in a garage and the founding of Facebook in a Harvard college dorm room are the stuff of startup legends.
But a recent “crime wave” of cyberintrusions at major universities have experts wondering if even these young computer users are safe from hacking and computer crimes. Officials from Harvard University have now announced that several different colleges on the campus were the victims of a cyberintrusion last month, meaning there’s evidence that someone has infiltrated the network without authorization, but that so far there’s no evidence of what was accessed or impacted.
Those colleges and offices affected by the intrusion include the Faculty of Arts and Sciences, Harvard Divinity School, Radcliffe Institute for Advanced Study, Central Administration, the Graduate School of Design, Harvard Graduate School of Education, Harvard John A. Paulson School of Engineering and Applied Sciences, and Harvard T.H. Chan School of Public Health. Many of the other well-known Harvard colleges, like the business, law, and medical schools, weren’t affected.
If the hackers don’t seem to have accessed any sensitive research data and didn’t go into the computer and change grades like the plot of some fun ‘80s movie, what were they after? No one really knows yet. During the forensic investigation into this breach, experts have warned that it may be tied to the recent Chinese hacking of the federal government’s Office of Personnel Management. That breach led to the exposure of potentially millions of individuals’ sensitive data.
Of course, this isn’t the first time Harvard has been affected by hackers. It’s also not alone, since Penn State’s college of engineering, Johns Hopkins University, and the University of Maryland have all suffered a data breach since 2014.
For now, Harvard has issued warnings to anyone associated with the affected schools to make changes to their university network login and things like their Office 365 passwords, but has also recommended everyone else change their university email passwords. It’s interesting to note that the formal response time to large scale data breaches is becoming smaller and smaller; Harvard made these recommendations less than a month after the breach was noticed, and even stated they could have sent out the warning even sooner but didn’t want to risk alerting the hackers that they knew about it until they’d been able to investigate and put safeguards in place.
It’s also important to take away a crucial lesson from this: there is no such thing as a 100%-secure network. All too often, individuals who are impacted by something like this are surprised that someone could get into their “closed” system, but things like university emails, in-college websites, and other membership-specific internet systems are just as vulnerable to hacking as any other, if not more so. The challenge of breaking in and accessing sensitive information might be reason enough for a hacker to attempt it, so it’s important to keep that in mind when you share data or content over these networks.