News

Ringing the Alarm on Campus Computer Security

by Black Issues , November 22, 2001

Categories:

Ringing the Alarm on Campus Computer Security

Indianapolis
Even before the tragic Sept. 11 terrorist attacks, campus computer networks operated by the nation's colleges and universities was at serious risk for unlawful intrusions, hacker break-ins, and for being used as a staging ground from which cyberattackers could assault other computer systems.
Information technology experts now are taking advantage of the nation's heightened awareness of public safety to urge college and university officials to take steps to secure their campus computer networks.
"Security vulnerability can allow bad actors to hijack our technology and use it as a weapon against us," said Michael A. Vatis, director of the Institute for Security Technology Studies (ISTS) at Dartmouth College, during a news briefing at the Educause annual conference held in Indianapolis last month.
Vatis says the terrorist attacks illustrate that computer systems, like airline jets, can become destructive weapons used to damage the infrastructure. Computer networks represent a front-line target for attack by a variety of "bad actors." These bad actors could be anyone — disgruntled workers with access to a major computer network, a group of political activists that wants to disrupt networks as protest, organized crime gang members, or even foreign militaries and foreign terrorists, according to Vatis.
"It is my belief that we're likely to see an escalation of these attacks during the war on terrorism," Vatis predicts.
 The message from experts such as Vatis urging campuses to upgrade their computer network security came loud and clear during the recent Educause conference. The plea for better security, while not entirely new to the higher education community, is expected to be taken with far more seriously by IT officials than in the past.
"Security has moved from a backroom issue to one that involves the CIO and the university president," says Dr. Michael A. McRobbie, chief information officer at Indiana University.
In the aftermath of a major cyberattack on e-commerce Web sites in February 2000, federal officials placed higher education officials on alert because hackers had used college and university networks as bases from which to shut down prominent Web sites such as Yahoo and eBay. The practice of staging an attack from one computer system to damage another is one that enables the attackers to hide their identity and elude being traced. The practice is known as the Distributed Denial of Service (DDoS) attack. DDoS attacks turn innocent computing systems into "zombies," which can launch an attack against other systems.  
"The security concern has been building for some time," says Gordon D. Wishon, chief information officer at the University of Notre Dame, noting that Educause has moved to highlight security as a major issue for the 1,800 institutions affiliated with the higher education IT association.
Wishon says the DDoS attack in February 2000 has helped make colleges and universities aware that they are potentially legally liable if e-commerce organizations or others can prove that security lapses in a campus network allowed hackers to get a foothold in order to launch attacks against other networks. Federal legislation on privacy in health care and anti-terrorism also is putting legal pressure on higher education to upgrade the security of campus computer networks, according to officials.
Under Vatis' direction, Dartmouth's ISTS has recently released Cyber Attacks During the War on Terrorism: A Predictive Analysis. The 27-page report concludes that cyber attackers are likely to strike in three major ways:
• Deface electronic information sites in the United States and allied nations and spread misinformation and propaganda;
• Deny service to computer users in the United States and allied nations through Denial of Service (DoS) attacks and disruptive software worms and viruses; and
• Commit unlawful intrusions into systems and networks owned in the United States and allied nations to disrupt critical infrastructure operations and to corrupt important information.
The report urges institutions and organizations to follow best practices for computer and physical security. That means updating software on a regular basis, installing software worms protections, establishing intrusion detection systems, and setting up secure network firewalls.
For a copy of the ISTS report, please visit <www.ists.dartmouth.edu>.

1
Comments posted here may be reprinted in Diverse: Issues In Higher Education magazine, and may be edited for purposes of clarity and/or space.



Story Tools

Print Print
Text Size Smaller | Larger
Email
Share

Related Stories

Popular Topics

Concepts


FEATURED jobs
Assistant Director of Athletic Marketing
University of Northern Iowa

Develops plans for season ticket and group ticket sales; oversees the marketing plans for at least two sports as determined by the athletic marketing department; coordinates the Panther Kids Club program; designs promotional materials; and assists with press releases and game-day media coverage as needed.


Assistant Clinical Professor
Drexel University

This individual will work half-time in the Physician Assistant Program and half-time in a clinical practice associated with DrexelAcademic advising of students and membership on standing, ad hoc, search and special committee and task forces to university, college and program levels.


Business Manager (Budget & Fin Reporting Mgr)
University of Maryland, College Park

The Budget & Financial Reporting Manager is responsible for monitoring the budget activity for the several offices within the University Relations Division, including the Office of the Vice President, and will have oversight over expenditures made by these offices to ensure that expenditures...


Assistant Dean, Division of Teacher Education
Wayne State University

Responsible for the academic, administrative, budgetary and research leadership of the division; provide academic leadership in teacher preparation for the division, college and university.


Copyright 2012 © Diverse: Issues In Higher Education, a CMA publication.
Cox, Matthews, and Associates, Inc., 10520 Warwick Ave, Suite B-8, Fairfax, VA 22030