Faculty face first widespread computer virus in a decade
October 26, 2017
INDIANOLA, Iowa — Simpson faculty faced the first widespread virus to attack computers in almost a decade, forcing all faculty to go to information technology services to update their computer security.
Around Oct. 2, a member of the faculty, staff or administration opened a phishing email and clicked a link leading to an infected website. The link installed the Emotet virus onto a computer on the network, said Kurt Gocken, PC and network technician for Simpson IT.
“Those computers enabled the virus to attempt to brute force (guess) the passwords on everyone’s account,” Gocken said. “Since we force accounts to lock with too many invalid password attempts, this would cause all user accounts on the network to lock.”
All IT staff joined in the effort to shut down the virus and make faculty and staff computers safe again, including their student workers.
Nathaniel Hayes, an IT student worker, said the virus brought craziness to the workroom.
“I walk into my shift and everything is chaotic. Just like the entire IT staff is huddled around there,” Hayes said. “We have a lot of faculty on campus, and all of them had to personally bring in their computer to be dealt with by us. Piles of laptops.”
Gocken said he had to identify the offending computer, remote in and clean the virus. He and the IT staff then used the opportunity to update to a more network administrator-friendly application called Sophos.
IT staff had to clean a total of 806 computers and install the new Sophos Endpoint protection. Gocken said this process took 30 to 90 minutes per device.
“One of the people (IT staff) was supposed to be going on vacation. He got a call, and, well, he had to postpone his vacation,” Hayes said. “They got donuts for us and a big bag of Snickers. It was like their way of saying, ‘Hey, thanks for doing all this work.’”
Though the new security software is supposed to help keep computers safe, Hayes said it is restrictive of what faculty can do. He said they can no longer look up weapons, sexual content or sports, for example.
“I’m not sure if that will remain, but I’m sure the staff will complain,” Hayes said. “I was talking with one of my professors about this. She teaches a sexual orientation class, and she needs access to content like that, so she’s probably not going to be terribly happy with that blockage.”
This new software will not affect students — for now. Hayes said if staff decide they like the new software and it works, students might need to change theirs as well. There is currently no timeline for such a change, and it would only minimally affect students.
The first major computer virus outbreak the school experienced in 2008 affected the whole student body, Hayes said. Every student had to bring in their technological devices such as phones and laptops. That outbreak is also the reason students have to install Safe Connect when they come to campus.
To stop similar viruses in the future, Gocken said the IT department will be conducting employee training about spam and phishing scams. They will also continue to use Sophos and their newer Next Generation Firewall system to block infections and hacking attempts.
Hayes said two ways to prevent viruses are to properly read what you’re installing on your computer and to avoid clicking on bad links sent through email.