Related Links


ISIS at UF  

UF Net Services




Breaches in the System

Even with the use of passwords and firewalls, networks are not infallible. There have been some incidents at major universities where the network has been illegally accessed at the detriment of the university student or faculty member.
There are two kinds of people that university networks should secure against: “hackers” and “crackers”.

“Crackers” are people who seek to use their expertise to break security systems. “Hackers” are people who try to break into systems using their expertise for illicit purposes. The art of “hacking” was made known in the mid-1990s when the internet became huge. In the movie “Hackers,” Angelina Jolie and Johnny Lee Miller break into many systems, including their university network to set off the sprinklers.

The following are recent examples of “hacking” and “cracking” at major universities.

In March of 2003, online hackers broke into the network of the largest university in the nation. The University of Texas, which boosts of having more than 55,000 students and faculty members, was faced with one of the largest security breaches at a university.

A 20-year-old UT student hacked into the network and stole information on the 55,000 students and faculty. The student used millions of randomly generated Social Security numbers to request records from the school’s database.
While there was no evidence that the student used the information for evil causes, such a breach in a network could cause a potential frenzy, causes people to distrust the Internet.

According to the Washington Post, the UT student turned himself into Secret Service on March 14. Agents found the information on the student’s home computer. The student could face as much as five years in prison and be forced to pay $500,000 in restitution.

Another serious security breach occurred at Boston College last October when a BC student illegally accessed the personal identification numbers and Social Security numbers of students and faculty. The student, Douglas Boudreau, found a security hole in Microsoft Windows in a public computer on the campus. Boudreau installed keystroke-capturing software.

According to the The Register, a British computer-related journal, a student was indicted by a Massachusetts grand jury for unauthorized access to a computer system, breaking and entering, identity fraud and interception of wire communications. Unfortunately, neither a firewall nor a virus protection program could stop the breach in security performed by the student.

BC quickly addressed the security breach and employed Internet Technology (IT) to fix the hold in Microsoft Windows and check for any other holes in the network. Because of such an infringement in security, the university warned students and faculty to change their PINs.

In January, an Ohio University senior put the security of the university network to the test. Jeremy Valeda, the information-systems manager for the OU Senate, accessed personal information of four members of the University Senate, including Social Security numbers, tuition payments and grades. Trying to point out the system was not secure; the Office of Judiciaries reprimanded Valeda. Valeda was fired from his position as information-systems manager, whose responsibilities were to maintain the security of the Senate Web site, not access information on the Senate board members.

In November 1998, hackers broke into the network at Stanford University. The hackers entered from Sweden and Canada. The systems were vulnerable because security measures were not properly installed into the computer network. Hackers entered via the Internet and installed a sniffer, a program that steals data. The hackers were able to invade the first system when they discovered the security hole and then ventured into other university systems. The security breach wasn’t discovered for a month. By then, 5,000 user passwords were tampered with and used. The hackers modified parts of the university network.

Leah is sad because she just found out that her personal information was illegally accessed by a hacker.



Security Breaches|Types of Security|Information Technology|Bibliography|Home

By Patrick Lombard


Other Links:

Washington Post

The Register

Ohio University

Univ. of Texas

Stanford Univ.