Schools in Pasadena, Texas, Arizona and Florida had been targeted for hacking
LOS ANGELES — Attempts to tap into at least five college and university computer systems by individuals linked to Russian organized crime has prompted federal officials to issue a nationwide alert about identity and credit card theft on campuses.
The warning, which was issued last Friday, followed the arrest in May of a Russian-born man at Pasadena City College and another incident at Arizona State University. Schools in Texas and Florida have also been targeted, college officials said.
Dimitri Sinilnikov was caught in Pasadena as he was allegedly installing keystroke recording software that could capture computer users’ credit card numbers and other personal data, officials at the Pasadena campus said.
Brian Marr, a spokesman for the Secret Service, said Tuesday he could not comment on what he called an ongoing investigation.
The security alert was issued by the Secret Service along with the U.S. Department of Education.
“The United States Secret Service has been investigating several nationwide computer intrusions/hacking incidents,” according to the alert issued by the agency. “The motives of the perpetrators and the number of computer systems compromised remains unknown.”
At Arizona State University, a program was apparently installed that allows students’ credit card numbers, passwords and e-mail to be stolen, though it wasn’t known if any student accounts had been compromised, according to campus police.
“It’s possible none of the information on the computers got into the wrong hands,” Lt. John Sutton of the ASU Department of Public Safety said last week.
Hard drives were seized from 20 ASU computers in conjunction with a Secret Service investigation, Sutton said.
The software secretly records keystrokes so that every action taken on a computer can be accessed by a remote hacker, Sutton said. Criminals could use the system to commit financial crimes, identity theft and sabotage, he said.
Sutton wouldn’t say how the scam was linked to organized crime from the former Soviet Union.
He also declined to identify suspects in the case.
Programs apparently were installed on student-access computers at universities in Florida, Arizona, Texas and California. Sutton said he could not release the names of other universities conducting similar investigations.
At ASU, the program was uploaded manually onto computers from floppy discs, officials said.
There are more than 20,000 computer work stations at ASU, handling 2 million e-mails daily. Many of the computers are easily accessible to the public.
The infected machines were identified by Internet protocol addresses, similar to fingerprints, which also linked to a computer in Russia.
Technology administrators for the University of California system said the incidents they’ve been warned about were linked to Russian organized crime. The incidents are low-tech and not a threat to entire computer systems, administrators said.
“It’s basically like rifling through one person’s mailbox and hoping a credit card is being sent at that time,” said Ross Stapleton-Gray of University of California technical services.
“It is a pretty low-tech attack, but our people are on the lookout for it,” Stapleton-Gray said.