Hacker cracks university codes
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A hacker is thought to have stolen thousands of passwords used to access the computer network of Cambridge University, some of which is used by academics and graduates for commercially sensitive research.
Computer experts are still trying to work out whether any damage has been done to important work, or whether valuable information might have been copied. They are also unsure if the hacker did the work from inside the university, or via the Internet.
"The potential damage is immense. All we know is that there are 10,000 users inside the university, but 10 million outside [on the Net]," said Richard Sibbs, head of user services at the university's computer services department.
Hackers favour academic institutions because their computer systems are configured to allow easy outside access, for sharing of academic data, but also often have "gateways" to more important information.
Cambridge University's network, for example, also connects to the Medical Research Council's molecular biology laboratory, the university's high- energy physics laboratory, and the Hitachi Microelectronic Research Centre.
The breach of security is being taken very seriously by the university, which will change all 10,000 passwords within a fortnight. "It's like people have got hold of the keys to a house," said Mr Sibbs. If caught and convicted, the perpetrator could be jailed for up to five years.
The hacker planted a "sniffer" program on the university's main network in February or March. The program monitored the first keystrokes of any user logging onto the electronic mail system, which has about 10,000 computers. Those letters are always the user's name and password, which the program stored. They could then be read by the hacker over the internal network or the Net.
The sniffer program has now been stopped, but staff at the UK university network, JANET, think it could have been running for up to four weeks.
However, Mr Sibbs does not expect academic organisations to restrict access from the Net. "This happens dozens of times a year around the world. We've been running open systems for 30 years. It wouldn't be in the nature of academic collaboration to close off outside access."
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments