Fri. Aug 7th, 2020

Staff Meeting Hacked, Infiltrators Interrupted Meeting with Abusive Language

Multiple hackers posed as staff members before hijacking the meeting

During a Staff Advisory Council meeting organized on June 24 to discuss detailed summer and fall planning, multiple hackers masquerading as staff members hijacked the meeting and began interrupting the call with abusive language. Specifically, they used “racist language and anti-semetic imagery,” according to an email sent to faculty from President Nathan Hatch shortly after the attack. 

The call, which hosted 500 staff members, was stopped by the meeting organizers quickly after the hackers took control. After attempting to restart the Zoom call, the infiltrators were still present and the meeting was eventually ended. 

According to Mur Muchane, Vice President for Information Technology, the call “was disrupted as a result of the omissions of several security best practices.” Muchane explained that the meeting details and password were published on inside.wfu.edu as part of the event information.

“Within minutes of the posting to inside.wfu.edu, several bots accessed the inside.wfu.edu posting,” he explained. “This is a regular occurrence for public-facing sites, and in this case they were able to collect the meeting link and password and distribute it world-wide.”

Not long after the attack took place, Muchane shared video conference guidelines with faculty and staff via email. Along with guidance about keeping meeting information private and exclusively using @wfu.edu emails, the message also recommends that faculty and staff rename themselves as “something only WFU colleagues would know to make it more difficult for people to use your name to join meetings.” 

Further, the hackers had used internet protocol (IP) addresses from other countries, according to Muchane. IP addresses can be used to geographically locate internet users, but can be easily altered with a virtual private network (VPN) service to trick websites into registering the user with another location. Since the hackers had used IP addresses from other countries, tracking the origin of the attack then becomes much more difficult. 

In the email to faculty and staff, Hatch recommended meeting attendees make use of resources available through the Employee Assistance Program. These include the ability to confidentially seek help with and be referred to other services for help with  “anxiety, grief and depression” and other personal concerns. 

“This was a traumatizing experience for many on the call, especially our Black colleagues, and it reinforces that we all have a role to play in protecting each other and our community from those who would seek to force their hatred upon us,” Hatch said in the email.