BOSTON - The recent intrusions on supercomputers at leading U.S. research universities highlight a growing problem: college campuses struggling to maintain academic openness while protecting staff and students from Internet-borne viruses and malicious hackers.
Schools are being pinched by a steady stream of worms and viruses, tough federal information-privacy regulations and lawsuits targeting student file swappers. In response, colleges are investing in a wide range of security technology and looking at ways to lock down campus networks, all without stifling students and faculty, according to interviews with leading information technology staff at a number of universities.
With large, heterogenous networks and a diverse user population of students, faculty and staff, colleges and universities have become rich targets in recent years for malicious hackers, viruses and worms, according to one IT security expert. "Universities are an extreme example of what businesses are facing," said John Bingham, president of Intrusic Inc., a security technology company in Waltham, Massachusetts.
According to a security advisory released by Stanford University on April 10, attackers hijacked user names and passwords for multiuser Linux and Solaris machines, often by sniffing information when users connected to those machines from other compromised systems. Attackers also took advantage of shared folders, which were loosely secured by the universities to make it easier to manage systems and share data processing tasks between machines, the advisory said.
Many campus networks are designed to serve as Internet service providers, facilitating access for users, rather than protecting information assets, like more closed and segmented corporate networks, Bingham said.
That is a problem that IT staff at Boston College (BC) are weighing, according to David Escalante, director of computer policy and security at the college in Chestnut Hill, Massachusetts. "Our current network is architected ... to pass information from A to B as quickly and efficiently as possible -- from student to student, or faculty to student, to the Internet, wherever" he said. Unfortunately, that architecture also amplifies the effects of malicious network activity caused by worms and viruses, he said.
Wayne State University faced a similar problem on September 11, 2003, when six compromised machines on the campus network launched a coordinated denial of service (DoS) attack that flooded the campus network with traffic and prevented communication to or from the university, said Patrick Gossman, director for academic technologies at the Detroit, Michigan university.
IT administrators had to shut down entire parts of the campus network and work for more than a week to recover from the attack. IT staff at the university don't know how the DoS programs got installed on the campus network. And, despite an official investigation from the U.S. Federal Bureau of Investigation, university officials still don't know who was responsible for the attack, Gossman said.
Part of the challenge faced by universities comes from a new generation of mobile and tech-savvy students, according to administrators. "You've got people bringing laptop computers that are infected on campus, and its hard to detect those unless something goes wrong," Gossman said.