Cyber Incident Victim: University of Massachusetts-Amherst
Date:
Mar 2016
Location:
United States of America
Summary
A hacker exploited publicly accessible networked printers at multiple universities, including the University of Massachusetts-Amherst, to distribute racist and white supremacist flyers containing swastikas. The perpetrator, Andrew "Weev" Auernheimer, claimed to have sent the print jobs indiscriminately to all open printers across North America without unauthorized access, leveraging universities' intentionally exposed printing infrastructure for remote use. A subsequent copycat incident targeted the same institution and another with anti-LGBT content, though Auernheimer denied involvement. The incident highlighted security vulnerabilities, prompting at least one affected university to implement traffic filtering measures to block similar unauthorized print jobs.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In March 2016, public networked printers at multiple North American universities, including the University of Massachusetts-Amherst, printed unsolicited racist flyers containing swastikas and white-supremacist messages. The incident was orchestrated by Andrew "Weev" Auernheimer, a hacker and internet troll residing in Serbia, who exploited publicly accessible printers connected to university networks. Auernheimer sent the print jobs indiscriminately to all publicly reachable printers across North America without targeting specific institutions, leveraging open network configurations that allowed remote printing for academic convenience. Universities such as Princeton, UC Berkeley, Brown, Smith College, Mount Holyoke College, and Stony Brook University also received the flyers. Auernheimer did not gain unauthorized access to printers but instead capitalized on their exposure to the open internet, discoverable through basic network scanning. The flyers were detected when they physically printed out on campus devices, prompting IT staff to intervene. Stony Brook University’s Chief Information Security Officer Philip Doesschate confirmed one of their printers produced the material and implemented network traffic filters to block similar incidents.
A subsequent wave of anti-LGBT flyers emerged on March 28, 2016, at UC Berkeley and UMass-Amherst, attributed by Auernheimer to a copycat actor. The initial incident highlighted vulnerabilities in university printer security, particularly the risks of exposing devices to the internet without adequate safeguards. No legal action was anticipated against Auernheimer due to the absence of unauthorized system access. The incident drew media attention partly due to Auernheimer’s notoriety from prior cyber activities, including his 2013 conviction (later overturned) for exposing AT&T iPad user data. Universities reinforced network security measures post-incident, though specific technical responses beyond Stony Brook’s filtering were not detailed in available reports. The physical dissemination of hate materials on campuses caused operational disruptions and raised concerns about the misuse of institutional infrastructure for harassment campaigns.