JSM_hacking (1).jpg

Myth: USU’s online library database hacked by Chinese academics accessing research materials

Bob Bayn, a Utah State University security analyst with the department of IT, said certain hackers attack research universities to access online research materials such as USU’s online library database. The hackers attempt to access research material or try downloading online journals and books to sell in other countries for a profit.

“To a certain extent, hackers do focus on research universities,” he said, “But we are also just apart of the internet landscape of machines to compromise.”

Paul O’Donnell, a computer technician with the Merrill-Cazier Library, said the library receives attacks from IP addresses from Eastern European countries, China and Russia. But it is impossible to know where the attacks are coming from because some hackers can mask their IP addresses to look like they are in other locations.

“Hackers can mask their IP addresses so it appears that it is from the UK, but really it might really be from China,” he said.

Garth Mikesell said nearly 15 years ago, USU’s firewall was weak and people from all over the world would easily hack into the system and steal information. However, he said USU has come a long way in upping its security.

“I believe USU has one of the best IT teams in the nation,” he said.

USU’s Department of IT is in charge of 31,000 computers campus-wide, plus they help maintain the other devices people bring to campus, like their smartphones. They are consistently building, patching and strengthening USU’s computers from attacks from all around the world.

And no, the IT team does not search through your emails, said Bayn.

“The university receives millions of emails a day; we would be bored searching through all of those,” he said.

Bayn said being a online skeptic is the smartest route to take when using the web. If someone is too paranoid then they won’t get anything done, but if they are too gullible and trusting, chances are they will get hacked and their personal information could easily be compromised.

“We live in a place where you can believe and trust a lot and everything turns out fine,” Bayn said, “But when you are on the Internet, you are not necessarily safe.”

The department of IT has tips for students and staff members:

  • Be a skeptic.

  • All real email messages about students USU email accounts will come from usu.edu email addresses and only have links to usu.edu webpages.

  • USU.com is not the same as usu.edu.

  • Hackers will simulate emails that look just like common agencies, but the likes will take people to a hacked website that may attempt to seat passwords or download malware.

  • Hackers can send email attachments that contain malware that can steal identities or take over a computer when the attachment is open.

  • Don’t fall prey to blank of vague messages begging to open attachments or links that can affect your computer.

  • Does the email have a free offer? If they give someone what is expected, they will probably have taken personal information or control of the computer without informing the owner.

  • Don’t click on a link that shows a different address than what is listed when hovered over by the cursor.

  • Create strong passwords with a minimum of eight characters and a combination of numbers, letters, capitalization, punctuation and characters.

  • Use different passwords for every account.

  • Never store passwords on a computer or device. Instead, use a password manager.

Bayn said the system was compromised last weekend. A Utah State staff member was phished after they received an email they believed to be from the Department of IT regarding the upcoming university-wide email change for the staff and faculty. It is true the university is moving the email storage from on-campus to an off-campus cloud storage system. But the email was sent from a hacker, not IT. Unfortunately, someone fell for the bait and they gave the hacker secure information.

“Then the hacker sent out 90,000 emails overnight from that person’s email within USU’s network, phishing for more information,” Bayn said.

That was the third known time all year that someone successfully phished USU-related material.

Miles Johnson is the team coordinator for the department of IT. He said regularly maintaining USU’s hacking and phishing problem is extremely important when it comes to keeping USU hack-free.

“It is like weeding a garden,” he said.

— morgan.pratt.robinson@gmail.com

@morganprobinson

Categories
AllCampus CrimeCampus NewsNews
Tagged
Bob BaynChinaDepartment of ITGarth MikesellIP addressesMerrill-Cazier libraryRussiaUSU

Twitter

USU Classifieds

Loading Recent Classifieds...

Archives

Back to Top