Latest UMD 'intrusion' linked to IT worker exposing security issues, account shows

Share this article:
Oracle lays out Java security facelift
The engineer says that his goal was to spur action at the University of Maryland.

A software engineer revealed that the FBI raided his home after his attempts to expose a security issue impacting the University of Maryland's systems.

On Tuesday, David Helkowski, a former employee of Baltimore-based firm Canton Group which was contracted by UMD, shared the details surrounding the March incident on Reddit.com.

Last month, Ann Wylie, who chairs UMD's cyber security task force, announced that a “cyber intrusion” occurring on March 15 (now linked to Helkowski) had been “successfully mitigated” by law enforcement, university police and staff. She added that the only public release of information was that of one senior official at the school, and that the incident was in no way related to the massive breach striking UMD in February, where hackers accessed the names, Social Security numbers and other data of 300,000 students, alumni and staff, after planting a trojan on a university site.

According to Helkowski's account, while working on a UMD website through his contracted company, he detected malware on the school's site. After reporting the concern to coworkers and his boss, no action was taken by his firm (including telling the university).

After the UMD breach impacting 300,000 became public, he eventually communicated security issues he found via penetration testing directly to university staff, he wrote.

On Reddit.com, the software engineer also posted a copy of the search warrant used by police who entered his home last month (PDF).

As of Tuesday, he said that no charges had been filed against him, and also revealed what he turned over to police.

“During the raid, I provided my 20+ character system encryption password, my Keepass password, the location of my keyfiles, and a full description of everything,” Helkowski wrote. “I basically ‘confessed' everything to the FBI already.”

On Tuesday, Baltimore's City Paper posted an FBI agent's search warrant affidavit (PDF), which showed an email Helkowski allegedly sent to UMD's security task force on March 15.

The email apparently included the names, student ID numbers, email addresses, and title of UMD employees on the task force, as a means of demonstrating that the school was vulnerable to attack.

According to the affidavit, it appears that Helkowski also exposed the private information of University of Maryland President Wallace Loh to gain the school's attention.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.