From training to hiring outside agencies to protect data, colleges are becoming more aggressive about cybersecurity.
After instances ofInternet security breachesin academic and corporate settings, some colleges and universities are looking to tighten cybersecurity and stop hackers.
Cyber hacking, or the practice of breaking into computer networks to gain information, is becoming increasingly common, according to Greg Eller, the chief information officer at Northwest Florida State College.
This Tallahassee-based school fell victim to a hacker at the end of last year after a server upgrade left one folder in the network unprotected, says Eller. The folder contained the personal information — such as social security numbers, phone numbers and addresses — of many students, he says.
After the incident, the college employed Digital Defense Incorporated, which provides safety education and performs regular checks on businesses’ network security, according to the Texas company’s website. Eller says this group now analyzes his college’s system every three months.
“They assist us with information security,” he says. “They look at our environment and let us know when we need to tweak something.”
In making these adjustments and further diminishing network vulnerability, or a flaw in a system that can make it easier to breach, Eller says he hopes to stop this kind of problem from happening again.
He suggests other school administrators employ other technology defense companies and learn about hacking.
“There are bad guys out there trying to get in,” says Eller. “The best thing we can do is train ourselves and educate ourselves about them.”
The people who lifted information from Northwest Florida State’s server were criminals looking to sell the data, and the incident remains under investigation, Eller says.
Foreign and domestic companies and entrepreneurs attempt to hack universities for many reasons, according to an April 2011 report prepared by the FBI’s Counterintelligence Strategic Partnership Unit.
These can be to steal information, learn of research and recruit students for espionage, among other reasons, according to the document.
Some schools are training students to build a defense against these kinds of attacks.
The Polytechnic University of New York offers a master of science degree in cybersecurity. The program, developed 10 years ago, aims to secure important information on the web, said Kathleen Hamilton, the university’s director of marketing and communication.
Penn State and University of Maryland have similar programs.
Polytech’s program provides an interactive setting, in the form of a computer lab, where students can collaborate and research new network bypass techniques, Hamilton said.
Each year, the university puts on an offensive security competition called “Cyber Security Awareness Week Capture the Flag: Application Security Challenge” during October or November. Here students and industry professionals are given security challenges in the form of code, and must use their skills to find the vulnerabilities in the system, said Julian Cohen, a 22-year-old computer science senior at the university.
Cohen, who has participated in the competition, explained code flaws as a structural problem that could cause a bridge to fall down. If a hole exists, benevolent or malicious attackers could take advantage of a system, he said.
In coursework Cohen learned how to detect vulnerabilities and build defenses against them, he said.
He suggests students and schools concerned about hacks download virus detectors, and newer software called “sandboxes.”
A sandbox is different than malware detector in that this program will contain a virus or hack to the platform where the attack occurred. The detector will only alert a user of a software breach after the fact, and the virus or attacker can infiltrate the rest of the system, said Cohen.
He said using up-to-date software secure passwords and only downloading from trustworthy sites will decrease hacking as well. Learning about the kinds of attacks that occur on the Internet helps as well, he said.
Polytech offers “Hack Night” at 6 p.m. on Wednesdays during the semester where the public is welcome to the New York campus to talk security and learn protection techniques, Cohen said.
“It is so important to learn about vulnerabilities,” said Cohen. “It gives you a unique perspective on security.”
In an earlier version of this article, the name of the Polytechnic University of New York’s Cyber Security Awareness Week Capture the Flag: Application Security Challenge was misstated. The correction is now reflected in the article above.
Jackie Tempera is a Summer 2013 USA TODAY Collegiate Correspondent. Learn more about her here.