ALVSCE Web Server IT Security Incident

Agriculture, Life and Veterinary Sciences, and Cooperative Extension Weekly Bulletin alvsce_bulletin at list.cals.arizona.edu
Thu Aug 31 16:58:33 MST 2023 

Good Afternoon,

Most of the day has been focused on data collection from various logs on and off the server, including networking equipment, cloud monitoring software etc, as well as transferring several snapshot images of our server to UITS' security team. Through this process, my team has found more evidence that the issue under investigation involved a singular WordPress site.

That said, UITS is casting a wide net in their security scan and has mandated we keep dozens of sites offline until more forensics can be done. Their team is in the beginning phase of their analysis and has relayed it is too soon to give us an estimated completion time. We will continue to engage UITS as they work through this process, but at this moment, we are on the sidelines, as they have everything they need from us.

UITS has not yet scheduled a follow-up meeting, but I will provide an update tomorrow at 10am in case any news comes in overnight.

Thank you again for your patience.

Matt


[The University of Arizona block 'A' logo.]
Matt Rahr
Director, Cyber & Information Technologies
Division of Agriculture, Life & Veterinary Sciences and Cooperative Extension
THE UNIVERSITY OF ARIZONA

Forbes Building, 230
1140 E South Campus Dr | Tucson, AZ 85721
Office: 520-621-1212
rahr at ag.arizona.edu<mailto:rahr at ag.arizona.edu>

Communications & Cyber Technologies Unit
Landmark Stories | CCT Data Science Team

cct.arizona.edu<https://cct.arizona.edu/>
landmarkstories.arizona.edu<https://landmarkstories.arizona.edu/>
datascience.cct.arizona.edu<https://datascience.cct.arizona.edu/>

facebook<https://www.facebook.com/LandmarkStories/> | twitter<https://twitter.com/StoriesLandmark> | instagram<https://www.instagram.com/landmarkstories/> |
[Integrity, Compassion, Exploration, Adaptation, Inclusion, Determination]<https://brand.arizona.edu/signature>




From: ALVSCE_Bulletin <alvsce_bulletin-bounces at list.cals.arizona.edu> On Behalf Of Agriculture, Life and Veterinary Sciences, and Cooperative Extension Weekly Bulletin
Sent: Thursday, August 31, 2023 10:02 AM
To: alvsce_bulletin at list.cals.arizona.edu
Subject: ALVSCE Web Server IT Security Incident

Good Morning Division,

UITS is investigating a security incident that occurred on our web server yesterday afternoon. The offending website, a WordPress site, was detected and quickly brought down by our in-house CCT staff. While evidence shows that the incident was isolated to that specific Wordpress site, UITS is remaining cautious and wants to perform a deeper dive analysis. To do this, my team will need to bring down several AES, Extension, and CALES websites during their investigation. I know the business impact this has on our Division, and I deeply apologize for this inconvenience. UITS' security team will provide an update in six hours, and I will relay more information then.

Cheers,
Matt

[The University of Arizona block 'A' logo.]
Matt Rahr
Director, Cyber & Information Technologies
Division of Agriculture, Life & Veterinary Sciences and Cooperative Extension
THE UNIVERSITY OF ARIZONA

Forbes Building, 230
1140 E South Campus Dr | Tucson, AZ 85721
Office: 520-621-1212
rahr at ag.arizona.edu<mailto:rahr at ag.arizona.edu>

Communications & Cyber Technologies Unit
Landmark Stories | CCT Data Science Team
cct.arizona.edu<https://cct.cals.arizona.edu/>
landmarkstories.arizona.edu<https://landmarkstories.arizona.edu/>
datascience.cals.arizona.edu<https://datascience.cals.arizona.edu/>
facebook<https://www.facebook.com/LandmarkStories/> | twitter<https://twitter.com/StoriesLandmark> | instagram<https://www.instagram.com/landmarkstories/>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.cals.arizona.edu/pipermail/alvsce_bulletin/attachments/20230831/70791868/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 14173 bytes
Desc: image002.png
URL: <https://list.cals.arizona.edu/pipermail/alvsce_bulletin/attachments/20230831/70791868/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 24654 bytes
Desc: image003.png
URL: <https://list.cals.arizona.edu/pipermail/alvsce_bulletin/attachments/20230831/70791868/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 14175 bytes
Desc: image004.png
URL: <https://list.cals.arizona.edu/pipermail/alvsce_bulletin/attachments/20230831/70791868/attachment-0005.png>

More information about the ALVSCE_Bulletin mailing list