When students returned to campus, they brought along the usual assortment of dorm paraphernalia and clothing, stuffed animals and iPods. But, as happens every year, with their personal computers also came some unwelcome stowaways in the form of hackers, computer worms and viruses.
Not only could these invaders compromise BGSU’s computer network and students’ work, but so-called “bot” systems that amass control of computers could potentially be secretly installed—unbeknownst to the student—and eventually used to launch attacks on other systems. “We don’t want to be a part of that,” says Matthew Haschak, the University’s director of information technology security and networking.
Happily for BGSU—like the sheriff in a Western waiting to intercept the “bad guys” before they reach town—the information technology security team was on guard and watching for them. Working in a tightly controlled center featuring high-tech monitoring and multiple screens on which to track the action on the campus computer network, Haschak and his team keep an eagle eye on network utilization and the identification numbers of those interfacing with the BGSU network.
“With about 6,500 computers coming in with students and more than 9,000 BGSU computers on campus, we have a lot to manage,” Haschak says. “We’re constantly scanning to beat the bad guys to the punch.”
The team was working during move-in weekend and had already been monitoring the “early arrivers”—athletes, music and graduate students—to “get a good baseline,” explained information security analyst Brian Grime.
At the security center, various devices that watch over all the campus servers and Internet connection look for spikes in activity that could signal an attempted attack. The University has multiple firewalls to fend off attacks, typically taking 200,000 hits an hour. “We want to look to see what it’s blocking—is the unusual activity an actual hack or is it because a computer is not configured correctly,” Haschak said. BGSU uses the Audible Magic application to deter illegal file sharing, he added.
The center also houses BGSU’s forensics lab, where Information Security Analyst Erik Evans and others examine computer hard drives and other equipment for evidence of illegal use.
While several years ago, hackers tried to break into systems mainly to show off, today the concern is identity theft, Haschak said. Other sinister uses of computer control also exist, keeping the computer security team on constant alert. One of the many colorful screens they monitor displays “hot spots” of criminal computer activity around the globe, and the team is in contact with colleagues at other institutions.
Of all their concerns, “what rises to the top is anything that involves a life or safety issue, which is rare,” Haschak said. Second highest priority is given any compromise to the system involving sensitive information, and third is the threat of being invaded by a “bot” network, which is used by criminals to launch “denial of service” attacks on other systems.
Though it sounds like something out of a James Bond film, “it’s all out there,” Haschak said.
Fortunately, in recent years a number of factors have decreased some of the risks, he said. Software vendors such as Microsoft have improved their focus on security, and general users are much more aware. “We’re all much more proactive to find these systems,” he said.