<div dir="ltr"><a href="https://www.thestar.com/news/canada/2017/03/28/potential-hacking-devices-found-on-carleton-university-computers.html">https://www.thestar.com/news/canada/2017/03/28/potential-hacking-devices-found-on-carleton-university-computers.html</a><br><br><div style="box-sizing:border-box;margin:0px;padding:0px;color:rgb(64,64,64);font-family:"merriweather sans",helvetica,roboto,arial,sans-serif;font-size:20px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Carleton University is urging caution among staff and students after discovering potential hacking tools on a handful of classroom computers.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">The university says it discovered USB key-logging devices on six classroom computers across three university buildings.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Carleton says staff discovered the devices last week during what it called a routine classroom inspection, but did not indicate how long they had been in place.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Keystroke-loggers capture information typed into a computer and can record usernames and passwords people use to log into various websites and programs.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">The university says it will inspect classroom computers every morning and throughout the day, adding it’s taking additional steps to strengthen classroom security.</p></div><div style="box-sizing:border-box;margin:0px;padding:0px;color:rgb(64,64,64);font-family:"merriweather sans",helvetica,roboto,arial,sans-serif;font-size:20px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Carleton says it’s not aware of anyone having their personal information breached because of the devices, but urges people to change passwords all the same.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">“These computers are used solely for instructional purposes in classrooms and do not store any university, personal or confidential information,” Carleton said in an internal note to staff. “We have no evidence that any information was retrieved from these devices or that any university data were compromised.”</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Carleton also urged people who may have used classroom computers to log on to external sites such as Google or Dropbox to change the passwords they use for those services as well.</p></div><div style="box-sizing:border-box;margin:0px;padding:0px;color:rgb(64,64,64);font-family:"merriweather sans",helvetica,roboto,arial,sans-serif;font-size:20px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">The university said the key-logging device could have posed a serious risk to users not only because of the information they captured, but because of the inherent difficulty in discovering them.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">Antivirus or anti-malware programs cannot detect them, as they are pieces of hardware rather than malicious software. Carleton said someone would have had to physically retrieve the devices to make use of the contents they collected.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">This is not the first time this school year that Carleton has dealt with a security breach.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">The university was the victim of a ransomeware attack in November when an unknown hacker locked down the bulk of the network requesting a bitcoin payment to have it released.</p><p style="box-sizing:border-box;margin:0px 0px 1rem;padding:0px;font-family:georgia,cambria,"times new roman",times,serif;font-size:1rem;font-weight:400;line-height:1.4">The university said it was eventually able to unlock the network without making any payments.</p></div></div>