Sidebar 1-2: Why Universities Are Prime Targets
Universities
make very good targets for attack, according to an Associated Press story from
June 2001 . Richard Power, editorial director for the Computer Security
Institute, has reported that universities often run systems with
vulnerabilities and little monitoring or management. Consider that the typical
university research or teaching lab is managed by a faculty member who has many
other responsibilities or by a student manager who may have had little
training. Universities are havens for free exchange of ideas. Thus, their
access controls typically are configured to promote sharing and wide access to
a population that changes significantly every semester.
A worse
problem is that universities are really loose federations of departments and
research groups. The administrator for one group's computers may not even know
other administrators, let alone share intelligence or tools. Often, computers
are bought for a teaching or research project, but there is not funding for
ongoing maintenance, either buying upgrades or installing patches. Steve Hare,
managing director of the computer security research group at Purdue University,
noted that groups are usually strapped for resources.
David Dittrich, a security
engineer at the University of Washington, said he is certain that cracker(s)
who attacked the eBay and CNN.com web sites in 2000 first practiced on
university computers. The large and frequently changing university student body
gives the attacker great opportunity to maintain anonymity while developing an
attack.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.