A number of research universities across the United States are increasingly under threat of cyberattacks, most of which are thought to originate in China, with millions of hacking attempts occurring on a weekly basis.
While university officials do admit that some of these attempts have been successful, no specifics have been released relating to what has been taken, other than personal data such as Social Security numbers. In many cases the break-ins have not been discovered until much later, if at all. Even after the discovery, the officials say it is often difficult to determine what information has been taken.
Student data isn’t the only sensitive information in university computer systems. Thousands of patents are awarded to American universities each yea, and some carry high potential value in such fields as prescription drugs, computer chips, fuel cells, aircraft technology and medical devices.
“The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond,” said Rodney J. Petersen, who heads the cybersecurity program at Educause, a nonprofit alliance of schools and technology companies. “So everyone’s investing a lot more resources in detecting this, so we learn of even more incidents we wouldn’t have known about before.”
According to Tracy B. Mitrano, the Director of Information Technology Policy at Cornell University, detection is “probably our greatest area of concern, that the hackers’ ability to detect vulnerabilities and penetrate them without being detected has increased sharply.”
She went on to say that while most of the attempted hacks have appeared to originate in China, though their real origin remains unclear because hackers are skilled at having their work bounce around the world. This means that it is difficult for officials to determine whether the attacks come from private hackers or from a governmental source, writes Richard Perez-Pena for The New York Times.
Analysts do have the capabilities to track where communications come from. However, hackers typically take a route through multiple computers and countries, and most often it is too expensive for individual universities to invest in trying to determine the original source.
Meanwhile, the increase in attacks has many schools across the country rethinking the open style that their computer networks currently operate on, although many say they do not want to build too strong a fortress.
“A university environment is very different from a corporation or a government agency, because of the kind of openness and free flow of information you’re trying to promote,” said David J. Shaw, the chief information security officer at Purdue University. “The researchers want to collaborate with others, inside and outside the university, and to share their discoveries.”
In the meantime, schools are taking other measures, including changing passwords, encrypting student records, and in some cases, prohibiting the use of services such as DropBox, writes Matt Zalaznick for University Business.
“All it takes is one thumb drive, one hard drive, that gets lost that can cost you millions of dollars in sanctions from the attorney general,” says Jonathan Rajewski, assistant professor of digital forensics at Champlain College in Vermont.