July 19, 2013
The computer systems at American research universities are increasingly at risk of being hacked into, according to The New York Times. Many schools have numerous patents and develop intellectual property that could turn into innovations, technologies or other products of value. Consequently, these schools are having to bolster their cybersecurity in order to protect faculty projects and ideas.
"The attacks are increasing exponentially, and so is the sophistication, and I think it's outpaced our ability to respond," said Rodney Petersen, head of the cybersecurity program at Educause, a nonprofit alliance of schools and technology companies. "So everyone's investing a lot more resources in detecting this, so we learn of even more incidents we wouldn't have known about before."
University officials said the attacks have been doubling every few years. For example, the University of Wisconsin gets 90,000 to 100,000 attempted intrusions into its computer system per day just from China, according to Bill Mellon, the school's associate dean of research policy.
"There are also a lot from Russia, and recently a lot from Vietnam, but it's primarily China," he says.
Other than some personal data, universities haven't made public what hackers have been able to steal, The Kansas City Star reported. Sometimes the academic institutions don't even know their systems have been penetrated until after the fact, and even then they still might not be able to identify what's been stolen. The New York Times noted that, unlike corporations, universities are not as accustomed to the sophistication of current hacker attacks. In addition, university computer networks tend to be very difficult to secure as there are so many users with individual log-ins accessing the system from different locations. To address this new security threat, some schools' facilities now prohibit their professors from taking laptops and cell phones to certain countries, while others insist that laptops that have been out of the U.S. be scrubbed immediately upon their return. Others only prohibit taking certain data abroad.
Universities are also taking technological measures to enhance their cybersecurity, In The Capital noted. Purdue University, for example, cloisters its most sensitive information in smaller vaults that are heavily encrypted, and thus more difficult to access and navigate. Furthermore, Purdue sometimes stores this data separately from the main network. The University of California, Berkeley has doubled its millions-of-dollars security spending and, like many schools, has implemented policy changes recommended by the Federal Bureau of Investigation.
Another important strategy, information technology officials said, is applying security patches released by software developers immediately because as soon as a vulnerability is made known, hackers try to take advantage of it, Larry Conrad, the associate vice chancellor and chief information officer at UC Berkeley, told The Times.
Compiled by Doresa Banning
Sources:
"Cyberattacks increasing at universities," kansascity.com, July 17, 2013, Lewis Diuguid
"Research Universities Tighten Security After Series of Cyberattacks From China," inthecapital.com.streetwise.co, July 17, 2013, Molly Greenberg
"Universities Face a Rising Barrage of Cyberattacks," nytimes.com, July 16, 2013, Richard Perez-Pena