|What this means to you . . .
If you are a student or a parent:
- Your personal identification, health and financial data may be at risk and make you vulnerable to identity theft or fraud.
- This may leave your financial data susceptible to hackers and result in widespread identity theft potential affecting the whole family.
If you are a professor, researcher or university employee:
- Your intellectual property (IP) including research and development projects and proprietary coursework are at risk.
- Additionally, as with students or parents of students, your personal identification, health and financial records are at risk and could
leave your vulnerable to IP theft, identity theft, and fraud.
If you are a business person who relies on the Internet:
- Commercial organizations have been affected by malicious attackers, using universities as a conduit, with increasing frequency
over the years. A notable incident occured in Spring 2000, when eBay, Yahoo and other websites were brought down by a high-
profile string of distributed denial-of-service (DDOS) attacks.
- In the past, a security breach at a university usually meant that someone had pulled the fire alarm at a residence hall at 2 a.m. The
DDOS attacks—in which hackers often hijacked university systems to overload an e-tailer's Web servers with so many bogus
requests that they couldn't respond to real ones—brought to light the vulnerability of the nation's universities.
If you are a government employee:
- The government’s frequent collaboration with universities on projects ranging from high-technology solutions, cutting-edge
research to process improvement for agencies, can impact your personal and work-related information.
- Students may not be vetted or background checked before involvement in projects impacting your agency.
- Hackers often target students who wish to demonstrate their prowess or seek previews of movies and music. They ask for access
to other universities or government agencies and, in this way, create a virtually untraceable network of hacks across universities
and into the government, where they can move around freely.
If you live in the United States:
- In the struggle to balance the desired openness of academic institutions with the need for network security, colleges and
universities may be the weakest link in the chain of critical infrastructure security. Perhaps the most frightening incident in which
universities’ vulnerabilities can be exploited is a dedicated-denial-of-service attack (DDoS) on the U.S.
critical infrastructure, in which university computers unwittingly serve as zombies.
- A more gradual, but certainly crippling, effect on public safety and security arises from financial losses incurred by
institutions: an informal Chronicle of Higher Education survey of nineteen research universities (March 2003) shows that each spent
an average of $299,579 during a five-week period last summer to undo the havoc wrought by the Blaster worm.