- Регистрация
- 17 Февраль 2018
- Сообщения
- 39 599
- Лучшие ответы
- 0
- Реакции
- 0
- Баллы
- 2 093
Offline
Social engineering strikes again.
Credit: Getty Images
The University of Pennsylvania has a somewhat unusual distinction: It is the alma mater of two of the planet’s most polarizing figures, Elon Musk and Donald Trump. As the political power of both men rose over the last year, the US government began to pressure Penn, first by pulling its research funding and then by targeting the school for past actions related to a transgender swimmer.
After the “sticks” were deployed, a “carrot” was offered. Penn became one of just nine schools nationally to be offered a special “compact” with the federal government, which would give the feds broad control over the school and its speech in return for preferential access to federal funds. Penn declined to sign the deal. (Making the whole surreal situation stranger was the fact that one of Penn’s own wealthy boosters apparently helped the Trump administration write the compact.)
In other words, Penn has become an obvious target of the Trump administration; now it has been targeted by a hacker claiming to share Trump and Musk’s grievances over affirmative action and “wokeness.”
On October 31, Penn was hacked after what the school describes as “sophisticated identity impersonation commonly known as social engineering.” Using the stolen credentials, an unknown hacker penetrated various Penn systems, including the school’s Salesforce system, SharePoint and Box services, and marketing applications.
The hacker also appears to have grabbed a copy of the hugely sensitive donor database. According to the school paper, some of this information has already been released on LeakForums and contains “memos about donors and their families, receipts of bank transactions, and personal identifying information.”
Once that information was taken, the hacker sent an email to numerous members of the Penn community. It had the subject line “We got hacked (Action Required),” and it called the school “a dogshit elitist institution full of woke retards.” It went on to claim that the school is “completely unmeritocratic” and that “we hire and admit morons because we love legacies, donors, and unqualified affirmative action admits.”
Sounds political! But the hacker contacted the site Bleeping Computer and said that the real goal was Penn’s “vast, wonderfully wealthy donor database” and that, “while we’re not really politically motivated, we have no love for these nepobaby-serving institutions.” (Among the donors? Elon Musk, who has endowed the Elon Musk Public Lecture at Penn.)
That “denial” of political motivations also sounds pretty political, and there’s precedent for such actions against educational institutions. Columbia University, for instance, was hacked this summer by a “highly sophisticated ‘hacktivist’ who had gained access to private student records in an attempt to further a political agenda,” according to the Associated Press.
It’s always hard to know how much of this “hactivist” activity is truly motivated private actors, however, as opposed to nation-states disguising their own attempts to steal data and to create political disruption.
In response, Penn has called in the FBI and the private company CrowdStrike, while a Penn alumnus has already sued the school for negligence. Penn workers can look forward to “additional mandatory trainings” to prevent similar breaches in the future.
Credit: Getty Images
The University of Pennsylvania has a somewhat unusual distinction: It is the alma mater of two of the planet’s most polarizing figures, Elon Musk and Donald Trump. As the political power of both men rose over the last year, the US government began to pressure Penn, first by pulling its research funding and then by targeting the school for past actions related to a transgender swimmer.
After the “sticks” were deployed, a “carrot” was offered. Penn became one of just nine schools nationally to be offered a special “compact” with the federal government, which would give the feds broad control over the school and its speech in return for preferential access to federal funds. Penn declined to sign the deal. (Making the whole surreal situation stranger was the fact that one of Penn’s own wealthy boosters apparently helped the Trump administration write the compact.)
In other words, Penn has become an obvious target of the Trump administration; now it has been targeted by a hacker claiming to share Trump and Musk’s grievances over affirmative action and “wokeness.”
On October 31, Penn was hacked after what the school describes as “sophisticated identity impersonation commonly known as social engineering.” Using the stolen credentials, an unknown hacker penetrated various Penn systems, including the school’s Salesforce system, SharePoint and Box services, and marketing applications.
The hacker also appears to have grabbed a copy of the hugely sensitive donor database. According to the school paper, some of this information has already been released on LeakForums and contains “memos about donors and their families, receipts of bank transactions, and personal identifying information.”
Once that information was taken, the hacker sent an email to numerous members of the Penn community. It had the subject line “We got hacked (Action Required),” and it called the school “a dogshit elitist institution full of woke retards.” It went on to claim that the school is “completely unmeritocratic” and that “we hire and admit morons because we love legacies, donors, and unqualified affirmative action admits.”
Sounds political! But the hacker contacted the site Bleeping Computer and said that the real goal was Penn’s “vast, wonderfully wealthy donor database” and that, “while we’re not really politically motivated, we have no love for these nepobaby-serving institutions.” (Among the donors? Elon Musk, who has endowed the Elon Musk Public Lecture at Penn.)
That “denial” of political motivations also sounds pretty political, and there’s precedent for such actions against educational institutions. Columbia University, for instance, was hacked this summer by a “highly sophisticated ‘hacktivist’ who had gained access to private student records in an attempt to further a political agenda,” according to the Associated Press.
It’s always hard to know how much of this “hactivist” activity is truly motivated private actors, however, as opposed to nation-states disguising their own attempts to steal data and to create political disruption.
In response, Penn has called in the FBI and the private company CrowdStrike, while a Penn alumnus has already sued the school for negligence. Penn workers can look forward to “additional mandatory trainings” to prevent similar breaches in the future.
