Universities strike back at hackers

Carnegie Mellon University in Pittsburgh has implemented an IT security course in its computer science department.

Data breaches and increased phishing attempts have affected colleges across the nation, making students’ data vulnerable to being stolen.

Colleges in recent years have faced an increase in cyberattacks from hackers in the United States and abroad. “We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system,” Bill Mellon, a dean at the University of Wisconsin, told The New York Times in 2013.

This year, 310,000 records, including Social Security numbers, were stolen from the University of Maryland, and nearly 14,000 students and staff were victims of a cyberattack at Auburn University’s College of Business. While hackers are often from outside targeted universities, sometimes the threat may come from within. A Purdue University student has been sentenced to 90 days in prison because he hacked the university system to change his grades. Increased attempts to hack college databases have prompted institutions to revamp their security measures.

Students join the fight against hackers

As centers of research and innovation, universities are fighting back by bringing hackers on board. The best way to fight hackers is with hackers – that’s the philosophy of several universities. Carnegie Mellon University in Pittsburgh has implemented an IT security course in its computer science department. Students are required to think like hackers by finding and reporting vulnerabilities across the data centers of businesses and universities.

This novel idea has been dubbed “offensive computer security,” and it had previously been neglected in the mainstream data security industry. Now, students are joining the fight by going on the offense and finding vulnerabilities before hackers can.

There are difficulties in this fight, mostly stemming from how quickly attackers can adapt to changing security updates. Carnegie Mellon’s course on computer security is particularly hard to teach because “the brand-new, cutting-edge cyberattack of today will be available to anyone with a Web browser by next week,” said computer security professor David Brumley in a PBS special on the subject.

The federal government has recognized the potential of promoting and teaching hacking to students who are interested in defending data security. The National Security Agency has tapped Carnegie Mellon’s team to help design curricula for high school students interested in joining the fight against hackers.

Funding professors to build resiliency

Universities are also increasing funding to their computer science professors and research teams focused on IT security.

Researchers from Keene State College in New Hampshire, for example, have received national attention in their work against malware. Professor Wei Lu, the head researcher on this project, has lamented that malware and vicious attacks on universities are “getting worse and worse,” according to the Keene Sentinel.

Tennessee State University has granted $101,000 in funding to a Pennsylvania State University research team dedicated to developing an advanced intrusion-detection system. Currently a prototype, the project would help both universities address hacking threats.

“We want to see whether the technology can scale to the real world,” said Peng Liu, a professor at Penn State’s College of Information Sciences and Technology and a researcher on the project.

These creative methods in fighting malicious hacking and data security breaches are a leap forward in combating cyberthreats.

[via TechPageOne.dell.com ]