We appreciate the opportunity to provide an update to President Bernardo’s last communication dated August 20, 2015, regarding the hacking of WSU systems. Thanks to the hard work of many across all of our campuses over the past three weeks, we have made tremendous progress in enhancing our IT security profile.
Here’s a quick summary of what we have been doing:
Actions to Date |
|
|
Using information gained from the forensic investigation, WSU planned and deployed a series of tactical activities designed to disrupt and evict the intruders, eliminate compromised communication channels, and simultaneously strengthen our security profile to detect and protect against future attacks. The most notable changes in the short run are a set of new technology tools designed to detect and respond to these kinds of threats to our system, and new security protocols for server administration. To date, these efforts have proven effective in isolating and eliminating the current threat from our systems. It is important to note that in recent years, higher education has become one of the most targeted institutions for cyber attack. As threats become more sophisticated, WSU must quickly adapt to stay ahead. The University has made significant investment to do so. Security processes will continue to expand and grow in order to keep pace with the ever-changing cyber landscape. This will be an ongoing effort. |
|
|
|
Next Steps |
|
|
Over the next several weeks, WSU will continue working to fully operationalize many of the new security tools and protocols across the university. These changes will be relatively seamless to end users, while representing considerable work for IT professionals across the system. We appreciate their ongoing work and collaboration to improve the security profile of the University. |
|
|
Restoring Email Communication Channels with Federal Partners |
|
|
Given the number of cyber attacks reported recently, a number of federal agencies have reviewed and tightened their internal protocols for sending and receiving email, including that from their higher education partners. Unfortunately, some agencies have blocked email communication from Washington State University. This creates significant challenges for faculty and staff performing critical research activities. We are actively working every available channel to help educate agencies about the actions we’ve taken to strengthen security protocols. For example, we’ve been working with federal law enforcement who, in turn, are actively supporting our efforts to fully restore email communication channels with federal agencies, even attesting to the strength and timeliness of our remediation effort. Additionally, Government Relations, Office of Research, and Information Technology Services are working together to communicate with affected agencies about our improved security posture. These efforts have been positive, and we expect that full email communications will be restored in the coming weeks. However, solving this urgent issue is complex because WSU is dependent on other agencies to reopen the email channels to us. Until resolution is complete, we recommend that you follow up any email to your federal partners with a telephone call to ensure they have received your information and/or to see if they have a preferred alternative for communication. In addition, we have launched a temporary, secure cloud email service for those faculty and staff with pressing research-related email correspondence associated with federal and other outside organizations. If you suspect your email correspondence with federal agencies is being blocked, please contact your area technology officer who will facilitate access to this temporary system. |
|
|
Mandatory Password Rotation Coming Soon |
|
|
An important component of enhancing security at WSU includes password rotation and strength. Over the next few weeks, WSU will begin requiring password rotation for all system users as described in existing Executive Policy 18. At that time, users who have not reset their passwords since August 20 must do so. We strongly encourage every member of our university to change the password associated with your WSU account as soon as possible. This will help insure that your system access is secure and prevent potential service interruptions when password rotations are enforced. Instructions for password resets are available at security.wsu.edu/faq |
|
|
Click Intelligently |
|
|
In the past week, faculty, students, and staff have observed an increase in the number of malicious “phishing” emails and input their WSU user name and password. Clicking on such links and attachments immediately exposes you and the University to potential cyber-theft risk. Remember that malicious emails can put your data at risk. Do not click links or download attachments from untrusted or unexpected emails. If you are unsure about the validity of an email, ask your local IT professional before opening any attachments or clicking on any hyperlinks. |
We appreciate the support of the entire university in this important effort.
|
Erica Austin Interim Co-Provost |
|
Ron Mittelhammer Interim Co-Provost |
|
Matt Skinner Interim Chief Information Officer |