Security week warns students of computer crimes
Identity theft, Internet auction fraud and spam are common dangers in the world we live in, but Utah State University’s Think Security Week is making students aware.
Or at least Vice President of Information Systems Barbara White, hopes so.
“It’s important we start pushing this agenda on campus,” she said.
Four major issues facing USU are physical security, information security, personnel and training of personnel.
Think Security Week continued Thursday with a review of information and personal security on the Internet. Michael Allred of USU’s information technology systems presented information on protecting students’ computers from attack.
“An information systems administrator has to protect all the holes,” he said. “A hacker only has to get lucky once.”
There are not always severe penalties for violators but reporting a problem is always important, said Terry Powell, a member of the Utah cyber crime task force. Often times, when someone is scammed out of money, identity or personal information, it is part of a larger scheme, Powell said.
“Computers have changed crime as we know it,” she said.
Allred also presented classification information on hackers. Most, he added, are out there for annoyance, but it can be a big annoyance when an individual loses all the funds in his or her bank account or receives an e-mail with a virus in it. Those often turn into larger problems for the network, he added.
“People don’t realize identity theft is a low-tech operation,” Allred said. “They get your information from employer’s files, trash, hotel information and Web sites.”
Part of creating more security is taking responsibility. Miles Johnson, USU network systems specialist, stressed that when a person’s wall jack gets turned off, they blame him immediately but never wonder what they could be putting on the network that caused the shutoff.
“If you don’t take responsibility, you’ll get screwed,” he said.
Students’ main concern Thursday was the need to protect e-mail from spam. Robert Erbacher, associate professor for the computer science department, offered a PowerPoint presentation on the ways students can protect themselves from e-mail spam.
“Eighty-five percent of passwords are pathetic and useless,” he said.
Students should not use the same password for every account and each password should be at least eight characters in length. He added that when checking e-mail accounts on WebMail, USU students should always be clicking “Click here to enter secure mode.”
He said most students he teaches don’t even know they can do that. Erbacher also mentioned reading the “8 Steps to Increase Windows Desktop Security” also available on the WebMail sign-in page.
“You can filter e-mail,” Erbacher stressed.
He added, e-mail is non-encrypted; meaning anyone in the world can read it. Don’t send usernames, account information, phone numbers or passwords in e-mails, he said.
Powell spoke about the dangers of Internet sites selling phony products and in turn, aiding terrorism.
“Trust your instinct,” she said. “If it looks too good to be true, it probably is.”
She related a case her task force dealt with of a man who bought a car on the Internet and sent a cashier’s check for $28,000 to the seller. He never received the car and lost the money because he knew nothing of the man’s whereabouts or name.
“Always use the same credit card to purchase things on the Internet and make sure it has a [relatively] low limit,” she said.
Sending a cashier’s check or using anything like Western Union means you might as well be handing a wad of cash to the person, Powell added. He also said one should know the seller’s name and address, and if it’s a vehicle or other large item, go to the state where it’s located and physically see it.
“Whenever you buy anything, you normally touch it, smell it and see that it’s real,” she said.
Allred also reminded students to shred anything with personal information on it and to never meet someone face to face known only through Internet contact.
Scott Black, a senior majoring in business information systems, attended the forum in the hopes of learning some new ideas and finding out some new information. He was hoping the speakers would go into more depth about the subjects but said he did learn a few things.
“It was really nice,” he said. “I think [the speakers] had a deep understanding of the information but kept their presentations pretty basic.”
Next year, during Think Security Week, Black suggested they might want to set up the same lectures or programs but on different levels so it’s a little more catered to people’s previous knowledge.
Powell’s remarks centered on the changing face of crime and how computers have altered the world we live in. Johnson added that IT security people hate change, but to compete in the world, innovation is key to success.
He said, if USU is creating independent thinkers, it needs to create an environment where mistakes can be made and innovative ways can be created to fix them.
-ireneh@cc.usu.edu