Close up of a network rack by Flickr user Kev. (Creative Commons: Attribution/Share-Alike 2.0)
By Megan Schellong
I am like any other millennial: glued to her phone, immersed in the blue light that’s slowly killing my eyesight and keeping me from the next thing on my to-do list. When I’m not using the internet to catch up with my acquaintances lives’ on Facebook, I’m probably on my school portal. This portal is, in a sense, the equivalent to my online assignment drop box. It’s where I go to access class resources and discussion forums. When I’m on campus, I usually type in the URL and I’m there. Boom, no problem. But one day, I went about my normal internet browser routine and I couldn’t get online. I tried Facebook. Nothing. I tried the Cal Poly domain. Nothing.
Embittered by the wi-fi’s inability to meet my social media and school needs, I decided to look into why I wasn’t able to connect to the server. After talking to some of the information technology services staff on campus, I uncovered the cause of the inconvenience.
It turns out, Cal Poly’s firewalls, the gatekeepers of legitimate and malicious traffic, aren’t as strong as they should be. If firewalls aren’t able to perform their function, universities become vulnerable to cyber security attacks.
On a national level, the strength of cyber security features, like cookie verification (yes Yahoo, we’re looking at you), could make or break the safety of the billions of user accounts. Hackers can have ties to foreign governments -- just look at the recent federal indictments of Russian operatives for a 2014 breach of half a billion Yahoo accounts.
But despite measures in place, like the firewalls within the California State University system, Cal Poly is constantly under attack.
Cal Poly Information Technology Services Deputy CIO Ryan Matteson told me Cal Poly is being attacked right now, every hour of everyday. It’s simply part of being on the internet today.
Attacks include things like distributed denial of service (DDoS) attacks, which overload websites with traffic, and cyber-crimes like phishing and spam, which attempt to steal passwords and collect credit card information.
It’s not just Cal Poly that’s a target, it’s higher education in general. Universities contain large amount of sensitive information, including social security numbers, passwords and personal information. All of these educational institutions are vulnerable to cyber security attacks.
Some hackers just hack for practice, according to Cal Poly computer science professor Zachary Peterson. In a sense, universities are like guinea pigs for hackers looking to carry out their attacks on a larger scale.
From a global perspective, people initiating these attacks could come from anywhere: around the world, around the country or even a neighbor living next door. A 2014 article in our campus newspaper, the Mustang News, showed that phishing emails to Cal Poly came in from countries as far away as India, China, and Russia.
There’s not that much that can be done. While hacking into a computer system is illegal, criminals online are rarely caught. An attacker’s physical location is not always the same as where the computer attack comes from, Matteson told me.
When hackers escape retribution, universities are left with a muddled network and bitter wifi-less users, taking a toll on a 21st century campus. Nonetheless, universities must find better ways to secure their networks. Current methods of improving university internet networks include stronger filters within firewalls, more education for campus users, and software updates, Peterson said.
However, software updates aren’t a bargain; in fact, they cost millions of dollars. While some anti-virus software is affordable for individuals, like Norton and McAffee, costing between $20 and $50 dollars each, at a university level, costs are much larger. The California State University System allotted $25 million dollars to maintenance and utility infrastructure needs in the 2016-17 year, but the system’s budget report did not specify how much was allotted to network security. To paint a rough sketch, a company of 30 to 50 employees may need to spend $50,000 dollars to keep its internet security in check, according to a report by the Associated Press
So what seems to be a nuisance in my daily social media activities turns out to be a microcosm for what’s really going on: cyber security’s pitfalls.
Without proper security measures -- like ways to prevent cookies from being replicated and cyber footprints from being cleared -- we all face consequences as severe as identity and credit card theft. To better secure themselves, universities will have to view the issue of cybersecurity with the same seriousness as the IT professionals and computer science professors they employ.
While students like me can change our passwords and keep our computer software up to date, universities must also take the driver’s seat and steer us in the right direction. They can’t ignore roadblocks disrupting traffic flow within their networks. In the digital age, universities and students must prepare themselves for the worst-case scenario.
Megan Schellong, 20, attends California Polytechnic State University in San Luis Obispo, California.
Youth Radio is youth-driven converged media production company that delivers the best youth news, culture and undiscovered talent to a cross section of audiences. To read more youth news from around the globe and explore high quality audio and video features, visit YouthRadio.org