. . . social media and the openness of the internet can be a big problem, says Darren Hayes, an assistant professor at the Seidenberg School of Computer Science and Information Systems at Pace University in New York.
“With government-sponsored attacks, these happen over time, so they have staff who can spend a lot of time working on reconnaissance about different organizations,” says Hayes. “Lots of organizations, including universities, don’t often realize how much information they give out on the internet.”
For example, an institution may post an IT job opening on Monster.com or its own website that lists the computer systems, hardware, or software that candidates must know how to use.
“If their post says a candidate needs to be an expert on the IBM 5700, suddenly somebody knows they have an IBM 5700 and they know the vulnerabilities of that system,” Hayes says.
Members of an institution’s IT department may have a LinkedIn profile that lists their employer, position, and the hardware and software at which they are proficient. Also, IT staff may use internet forums to ask industry colleagues for help fixing a computer system. This provides hackers more valuable clues about an institution’s network, Hayes says.
But colleges and universities may not even be aware of the most sophisticated attacks until they are already well underway. Therefore, institutions need IT staff with a new range of “cyberforensic” skills to identify the virtually microscopic changes in a computer network that indicate an infiltration. “It can be something as simple as a couple of lines of code changed in a registry file,” says Hayes. “We’re talking about very, very small changes that traditional security tools do not pick up.”
Read the article in University Business.