Hack U - How Safe Is Your Student Data?

Download a hot new single, order that pair of sneakers you've been eyeing, send your best friend an IM, pay your cell phone bill, check your midterm exam grade, and chat it up with your philosophical system classmates -- all at once. Life as a college student wouldn't be complete without the pleasures and comforts of high-speed, modern-day technology, available on just about every campus nationwide.

In fact, cyber-centric living has become such an integral part of the college life-style that many students don't think double about entering charge plate numbers, Social Security numbers, and other personal information on Web sites regularly, nor do they take safety measures seriously. Unfortunately, your college's computer network may not be as secure and fail-safe as you think. Take a look at just how much information students give out online, and the people who may be peeking in -- and possibly using that information against you.

  GET BACKLINK

The Reality of Risk

Don't think hacking could happen at your school? An grim number of major universities, including University of Nevada (Las Vegas, NV) and the University of Connecticut (Storrs-Mansfield, CT) have according hacking incidents in 2005 alone. For these and other schools, servers containing personal data -- Social Security numbers, dates of birth, phone numbers, and addresses -- were illegally infiltrated.

But just because a school is unaware of any security breaches doesn't mean they haven't happened. "I don't think any school can say beyond a shadow of a doubt they've ne'er had an instance of unauthorized access," says Jason Wallace, chief information security officer at Norwich University (Northfield, VT). "Higher education is a very different situation than the corporate world -- it's much more difficult to deal with security at a college or university."

Open Wide...

Why is a university such more difficult to protect than a corporation or a home computer? "The whole construct of higher education is about openness and the accessibility of resources," Wallace explains. "I can't imagine a college anyplace that's running a Web site filter."

Creativity and exploration are extremely pleased in the academic world, and as a result, there is more potential for hackers to find loopholes in a network that may not be ideally designed. In fact, most colleges still need to step up their security to the apace advancing hacker and computer virus technologies.

"Schools are trying to play catch up," explains Dave Grant, director of product merchandising at Watchfire, a company that produces Internet security computer software. "I'd say half of college Web sites are exploitable today, and about 75 per centum of the hacks that occur are happening because the sites aren't secured likewise as they could be. The average Web developer doesn't necessarily know much about security, so the sites get created with flaws."

A Human Error

Beyond the "open" nature of colleges, sometimes people just make mistakes and the situation is simply out of your control. More than 300 City University of New York (CUNY) students were afraid and afraid to discover that personal information of theirs -- including Social Security numbers, loan information and amounts, and direct-deposit information -- was freely available on the Internet. According to CUNY spokesman Michael Arena, the student info was made available attributable a human error. A worker at the school had accidentally placed the file outside the school's protected firewall, making it accessible to anyone. The private data even appeared via Google.com, the massively popular search engine.

What Can You Do?

If you've ever lost a wallet, you know the stress of having to cancel your charge plate game, get a new ATM card, order a new Social Security card, and reconstruct the life that you so handily carried around in your pocket or purse. Now imagine if all that information was not just lost, but deliberately taken from you, so exploited.

"It's only been during the past five aroun years that we've been using the Internet for buying affairs, ordering products, entering personal information," explains Grant. "We have good reasons for doing it, but it's gotten easy for hackers to steal personal information as we're pushing increasingly of our lives onto the Web."

Whether infiltrating the databases that colleges keep online, or your own microcomputer, hackers have a variety of ways to obtain personal information from you.

Protect Your PC

In order to prevent this and other cases of identity larceny from occurring, there are several precautional stairs you can take.

"The important affair for students to understand is that protective themselves from affairs like identity larceny is for the most part contingent on them," says Matt Curtain, author of Brute Force: Cracking the Data Encryption Standard (Springer, 2005) and frequent lector at Ohio State University (Columbus, OH). "Keep personal information personal. On campuses you'll find people with tables set up trying to offer you charge plate game or free cell phones, and requiring that you give them your Social Security number -- don't do it. The only time you ever need to give that out is for tax purposes or when dealing with the Social Security Administration."

Also, take the time to set up your microcomputer to be as hacker-proof as possible. "Using common name passwords -- your girlfriend's or boyfriend's name, no combination of numbers and letters -- is a big problem," explains Grant. "They are easy to crack because hackers have programs that run through millions of simple login name calling looking a match."

Updated computer virus protection is a must likewise. "There's plenty of free anti-computer virus and anti-spyware computer software out there," he adds. "Download it, and keep it current. Software that is a calendar month old is useless, because new computer viruses are constantly pop up."

An Inside Job

So these hackers are big bad cyber-meanies with noaffair better to do than steal your personal info, right? Actually, sometimes the culprits are your peers.

In March of 2005, or s 150 applicants to six of the country's top business schools took advantage of a security exposure on a wide used admissions database for colleges and wrongfully accessed the site. The schools invaded enclosed Dartmouth College (Hanover, NH), Carnegie Mellon University (Pittsburgh, PA), Duke University (Durham, NC), Massachusetts Institute of Technology (Cambridge, MA), and, last but for certain not least, Harvard University (Cambridge, MA) -- which wins the prize for this year's Most Over-Zealous Applicants, with 119 intruders. Every school but Dartmouth refused to admit any of the students, vocation the infiltration a serious breach of ethics.

Hacking 101

For those of us who think "encryption" is someaffair you'd see in a repulsion film, here's a breakdown of some of the ways tech thieves can get at your goods.

1. Forceful browsing: Let's say you're on a Web site and the URL address in the browser's top windowpane ends in the digits "444." Sometimes, just by fixing the digits to a different number -- like "445," for example -- a hacker can access other pages on the network.

2. Testing for holes: A more advanced way to hack is by creating mini applications that poke and prod to find gaps in computer systems. Once the slightest breach in security is found, the system can be wrongfully accessed.

3. Phishing: Sometimes hackers create Web sites that look exactly like authentic sites to trick users into entering personal information. For example, a hacker might create a site that resembles Hotmail, or Bank of America, or eBay. Users then enter e-mail addresses, passwords, charge plate information, and other personal data, which the hackers can then use.


Hack U - How Safe Is Your Student Data?
Hack U - How Safe Is Your Student Data?

Post a Comment

0 Comments