Campus announces upgrades to network security after printer attack

Aditi Raghunath/Staff

Related Posts

Chancellor Nicholas Dirks announced Tuesday that the campus is working to upgrade network security after campus printers were attacked by a hacker last week and distributed anti-Semitic, anti-LGBT and white supremacist flyers.

Staff in several campus departments found racist fliers on their printers last week that directed readers to the Daily Stormer, a neo-Nazi website. In response to the attack and as part of an expanded focus on security that began nearly three years ago, the campus will begin to manage network security more centrally, according to an email from Chief Information Security Officer Paul Rivers.

“We condemn the hateful messages contained in the flyers,” Dirks said in the campuswide email announcement Tuesday. “(These) attacks demonstrate the pervasive ugliness of discrimination.”

UCPD has received at least 17 reported incidents or locations of the printings, according to UCPD spokesperson Sgt. Sabrina Reich. Rivers said, however, that the campus has no precise count and that obtaining a precise count has not been a priority.

On Monday, computer hacker Andrew Auernheimer, who goes by the alias “Weev,” claimed in an interview with The New York Times that he sent the anti-Semitic and white supremacist messages to every publicly accessible printer in North America but did not specifically target college campuses.

Auernheimer said in a direct message to The Daily Californian on Twitter that he carried out the attack “to secure the existence of our people and a future for white children,” noting, however, that his actions were “not an attack” and instead “a simple and constitutionally protected statement.”

UCPD and the FBI are investigating the situation, according to Reich and FBI spokesperson Prentice Danner.

Like many other research institutions, UC Berkeley operates an open network in which many of its printers connect to the Internet, which allowed for printers to be accessed by Auernheimer, according to an email from Rivers.

“Calling this a hack is like calling it a hack when someone logs onto your Facebook account when you leave your account open,” said Nicholas Carlini, a graduate student who works as a penetration tester for UC Berkeley’s Information Security and Policy Office. “This wasn’t really a hack. He didn’t gain access to anything.”

Carlini said he suspects that printers were made accessible on the Internet both for the convenience of printing remotely and out of laziness on the part of campus information technology administrators.

UC Berkeley’s department of electrical engineering and computer science prevented the anti-LGBT attacks Monday by setting up a firewall to block incoming web traffic, according to Paul Pearce, a computer security graduate student.

While campus administrators are working to remove printers from the public Internet and implement a long-term strategy to fundamentally change the campus’s network security program, Rivers said in an email that he could not guarantee the prevention of a future incident.

“They have an impossible job,” Pearce said. “It’s a very hard problem.”

Contact Adam Iscoe at [email protected] and follow him on Twitter at @iscoe_dc.