Viruses stole City College of S.F. data for years

Viruses stole City College of S.F. data for years

Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called “an infestation” of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned.

“Given the outright mismanagement of our networks, if someone’s information is stolen, are we liable for that?” Jackson asked.


So for 10 years or so, the Russian Business Network has been in the data banks of City College, along with the other usual suspects.

What none of the antivirus/malware programs can do, is prevent stupid behavior by the computer user. Somehow, that a user should never click on that naked_lady.exe image just never gets through. Social engineering pushing the user to just go ahead and click seems to be so strong that no malware protection program and keep up with it all.

There is one thing I can guarantee if you want to keep your money safe. If you never put it on a computer network and you never access online banking, your money is safe from your end. You can’t protect the bank, you can’t protect the credit card company to prevent your data from being stolen but the chances are good, it’s your computer the data will come from, not theirs. You see, they have money riding on the line in large amounts making it a constant target for hackers and scammers. So it’s smart business to hire the professional to get the job done on security. But you the individual don’t have that sort of back up for your equipment.

If you do bank on line, don’t do it with a computer that ever surfs the net. Within minutes of hitting online, is about all the safety margin you have. Once you get out of the https you’re open for whatever comes down the pipes, no matter how good your security is. Ask City College who thought they had it down.

If you are a business in the US, the banks no longer have to reimburse you for a security leak from the internet. In order to even qualify for consideration, you must run a strong A/V program and have a computer that does nothing other than financial. If it ever once, surfs the net, the bank has a way out to not pay back the loss to a business.

So far for personal accounts this isn’t the case. I would strongly recommend if you do business on line you have a dedicated computer to do that and nothing else. No playing games, no listening to music on it, no surfing the net. On the face that might sound like an expensive solution. Think of it in other terms. What would it cost you to go without whatever is in your bank account for several months before you could terminate online connections to your account? What would that mean in terms of survivability for you and your family when it comes to eating, paying bills, and going to work. Looking at it that way, it might be cheaper than it appears on the surface.

This business of malware isn’t going to go away, until software houses get serious on security. If they get it tight enough to prevent the accidental install of malware, you won’t like the product from that results. Mainly because it will be so locked down and limited in what it can do that it will be near worthless for most computer users.

The computer is a marvelous and flexible tool. It can be used for work, for entertainment, the replacement for a trip to the library to learn something, or a replacement for a trip to the grocery store or for shopping. To secure all that means to take choices out of the hands of the user. No one has yet designed the malware program that does that effectively and yet when done, leaves the user the freedom to use the computer as they so desire.

Multiply those vulnerabilities by a network full of users and suddenly you come up with the nightmare this college is now facing.

Posted in Thoughts.

Leave a Reply