14 Jun 2007, Iain Thomson, V3
Faculty members at the University of Virginia have had their personal records hacked, including salary details and social security numbers.
The hack, which is believed to have gone undetected for two years, netted details on over 6,000 staff who had taught at the university from 1990 to August 2003.
The hacker defaced a web page on the university's portal and when IT staff cleaned up they found evidence of the attack.
"We sincerely regret the distress this causes to our colleagues," said James Hilton, vice president and chief information officer at the University of Virginia.
"This theft adds greater urgency to our ongoing effort to remove Social Security numbers and other personal information from databases that could be accessed through the internet and potentially abused.
"The University is continually modifying its systems and practices to enhance the security of sensitive information and training its employees in data protection."
But experts have expressed surprise that the hacking attack went undiscovered for so long.
"Security system failures are becoming a fact of life in the modern IT environment, especially when IT managers rely on a single security technology to protect their systems," said Phil Higgins, a senior partner with IT consultancy Brookcourt Solutions.
"But a failure lasting two years? Come on. Modern day hackers, as shown by the University of Virginia hack, are sophisticated internet users, and it takes a sophisticated best of breed multi-product approach to tackle the problem."
Do you agree?
Proactive steps need to be taken by universities to tackle this problem.
There are many ways an organisation can protect itself, beyond physical measures. The failure in detection was probably exacerbated by an inadequate view of the output from defensive systems. For instance, when you look at the event log on even your own home firewall, there are thousands of potential "attacks". Many of these are spurious, but the real ones are hidden in the volume of data output from the firewall software. Now if you ramp this up to the level of an organisation, this volume of data increases incrementally. It is a sure thing that the attacker / attackers sniffed out the weaknesses in the university defenses well before they got through. If they had suitable analytic capabilities which could model attack typologies, then this would create suitable alerts which could have brought the potential of a breach in security to the attention of IT staff well before the event - giving them ample opportunity to exclude the hacker from the system. Too often the output from firewalls and other defenses are ignored - to the peril of the organisation ignoring them.
Posted by Bart Patrick, Risk Strategy Manager, SAS UK, 14 Jun 2007
Hack Attacks
It certainly makes you think! Our government wants us all to have identity cards and put all of our personal details - including DNA, fingerprints, etc. into a huge database! Cyber criminals will have a field day! We all know that Government databases would be easy to hack into because Governments are always looking for ways to save money! They would be very lax in their security!
Posted by Gemini, 14 Jun 2007
This recent incidence calls for heightened measures among universities
There are many ways an organisation can protect itself, beyond physical measures. The failure in detection was probably exacerbated by an inadequate view of the output from defensive systems. For instance, when you look at the event log on even your own home firewall, there are thousands of potential "attacks". Many of these are spurious, but the real ones are hidden in the volume of data output from the firewall software. Now if you ramp this up to the level of an organisation, this volume of data increases incrementally. It is a sure thing that the attacker/s sniffed out the weaknesses in the university defences well before they got through. If they had suitable analytic capabilities which could model attack typologies, then this would create suitable alerts which could have brought the potential of a breach in security to the attention of IT staff well before the event. Giving them ample opportunity to exclude the hacker from the system. Too often the output from firewalls and other defences are ignored - to the peril of the organisation ignoring them.
Posted by Bart Patrick, Strategy Manager for Risk, SAS UK, 18 Jun 2007