IRT: Attentiveness is key against cyberattacks

Posted on by

St. Thomas Information Resources and Technology officials say vigilance is the key to preventing a cyberattack on the university like the one against the University of Maryland last month, which exposed more than 300,000 people’s information.

In the aftermath of the attack—the latest in a string of cyberattacks that have affected corporate giants like Target—University of Maryland officials announced the university is now undergoing extensive forensics and analysis to determine how it happened and the extent of the breach.

Vice President of Information and Resource Technology Sam Levy said St. Thomas uses a combination of protections systems and human diligence to ideally prevent cyberattacks before they happen.

Junior Zackary Jerabek works the Tech Desk for Information Resources and Technology. This department manages protection systems that prevent cyberattacks against St. Thomas. (Rebecca Mariscal/TommieMedia)
Junior Zackary Jerabek works the Tech Desk for Information Resources and Technology. This department manages protection systems that prevent cyberattacks against St. Thomas. (Rebecca Mariscal/TommieMedia)

“You want to be watching all the time, so you can stop it (an attack) before it gets too far,” Levy said.

The attack at the University of Maryland exposed the social security numbers, dates of birth, names and school identification numbers of students, staff and faculty, according to the university’s official report. Levy said the source of the breach was the university’s identification card system.

“They used social security numbers as the ID number, which most people stopped doing years ago,” Levy said. St. Thomas has been using random numbers for more than 13 years, he said.

Levy said St. Thomas’ technology program has multiple levels of security.

IRT Director Christopher Gregg said St. Thomas has an identity management system and a system of usernames and passwords used for protection against attacks.

“We have a series of network security controls that allow us to manage network access, both within the campus and then coming at our systems from off campus,” Gregg said. “That helps to manage accounts and who should have access to what.”

Another key form of protection for St. Thomas is staying up to date on vendor patches. Levy said these are fixes that vendors, such as Microsoft, provide when they detect vulnerabilities within their own system.

“(The updates) are always applied within a short period of time after testing,” Gregg said.

St. Thomas participates in both external and internal audits to protect against cyberattacks. External audits involve bringing in an outside party to test the protection.

“You need to have people from the outside that you hire to attack the systems and see if they’re vulnerable,” Levy said.

Internal audits follow the same process but from within the university itself.

“We do our own penetration testing and scan our own sensors against potential vulnerabilities and then address those as we find them,” Gregg said.

Despite the University of Maryland cyberattack, some students still have confidence in data security.

“I hadn’t heard about that (University of Maryland incident), but I think St. Thomas is pretty good about that kind of stuff,” freshman Jenna Dixon said.

Other students remain unconcerned about attacks.

“I’m not really too worried about it,” senior Daniel Blattner said.

The main threat against St. Thomas’ systems is socially engineered attacks, Gregg said. These involve phishing emails or a hacker coming onto campus to try to get information out of people, he said.

“You may have security in place, but if someone essentially tricks someone into getting their credentials, they could use those credentials for inappropriate purposes,” Gregg said.

Junior Zackary Jerabek, a Tech Desk student worker, said he has never personally received any phishing emails, but IRT does deal with those received by community members.

“We do see some stuff coming in from staff where they do get emails,” Jerabek said. “When I do see it, it’s dealt with very quickly.”

After an attack like the one in Maryland, only a few steps can be taken to address the problem, Gregg said.

“The authorities investigate to figure out what happened so you can make sure it doesn’t happen again,” Gregg said. “Then do the best you can do to remedy the issue with those people who lost information.”

These are the steps that the University of Maryland is following, according to the official report. University security personnel are working with state and federal law enforcement agencies and other investigative bodies to discover how the hackers penetrated the security system, the university officials said. They are also offering remedies to those affected in the form of extended credit protection services, the report said.

Levy said he hopes St. Thomas will never have to deal with an attack of this kind, but he is realistic about the chances.

“You need to always be vigilant, but at the same time you want to be confident with your system,” Levy said.

Rebecca Mariscal can be reached at mari2162@stthomas.edu.