Security Spotlight
What's on Your School's IT Threat List?
The Georgia Tech Information Security Center (GTISC), a national leader in information security research and education, recently released its Emerging Cyber Threats Report for 2009, outlining the top five areas of security concern and risk for consumer and enterprise Internet users for the coming year. In it, the GTISC forecasted five key cyber security areas where threats were expected to increase and evolve.
To find out what the organization thinks about cyber security for higher education institutions, we interviewed its director, Mustaque Ahamad. Here's what he had to say.
Campus Technology: Off the top of your head, what were the most significant findings of this report?
Mustaque Ahamad: Namely that the threats are growing in sophistication and becoming more and more difficult to detect. It's also getting harder to figure out exactly what they are, be they malware, botnets, or viruses. Additionally, with the increased usage of smart phones and other devices--many of which now store sensitive data--we're seeing threats migrating to those types of platforms. Finally, we have picked up on the fact that many of the criminals are doing this to make money and, as such, are creating entire business models that exploit the technology of individuals and institutions.
CT: How vulnerable are higher education institutions at this point?
Ahamad: Typically they work with more open environments, and they also have tons of resources that are very attractive to people on the "other side." Criminals who control a lot of machines that do botnets, for example, must look for a high number of machines to attack. Many of those machines can be found on college campuses, which again are usually using open environments that are stocked with resources. For example, many of these crimes are data-driven right now, with criminals going after the identity information, credit card data, and so forth that many schools maintain on their students and faculty.
CT: What threats are at the top of the list for administrators?
Ahamad: Those in the academic setting should be most concerned with botnets and malware, the latter of which can compromise your machines, while botnets basically "change" those machines into resources that hackers can use to commit crimes.