Cyber attacks are on the rise. Information is stored online that viral attackers are after, and as technology advances, so do their methods of attack. Cyber security measures need to be put in place in order to ensure a safe online environment.
“We are constantly under attack,” Robert Vaile, director and chief information security officer in K-State’s information security and compliance, said. “We have to work constantly to avoid the threat.”
Hackers often attempt to get to K-State’s networks through phishing emails. Phishing emails seek to gain username and password information from a network’s users. Vaile said he estimated that around 796,000 spam emails are received daily, and they can reach anyone with a K-State email account.
“There is a heavy likelihood of being fooled,” Vaile said.
Along with phishing emails seeking user credentials, spam emails contain malware which can potentially steal data or encrypt a computer so a user cannot access their data. The danger, however, does not end there.
Phishing emails can be the beginning of an “advanced persistent threat.” These threats take place over extended periods of time, beginning when an attacker gains a user’s credentials. Over time, the attacker learns about and maps out a network. Eventually, the attacker gains control over the storage system and has access to the network’s data.
Simon Ou, associate professor in computing and information sciences, is conducting research on how to identify security breaches in a network early on. He said he hopes to analyze data in the network so malicious activities can be identified before heavy damage is done.
“A big challenge is that this is a highly sophisticated investigation,” Ou said. “Sometimes, it is hard to distinguish from the data if it is benign access or a malicious one.”
According to Ou, it can be very hard to fully secure a network as large as K-State’s.
“A key part of this is to improve the efficiency of the security team’s work,” Ou said.
One way K-State’s security team protects the network is by using firewalls. These are computers between K-State’s network and potential attackers.
“If a connection isn’t what we want, it is denied access to our networks,” Vaile said.
Protection measures also include intrusion detection, antivirus, ability to process phishing scams and removal of compromised computers from the network.
K-State also uses the Security Incident Response Team. Duties of the response team representatives include responding to security incidents and attending meetings so representatives can know what threats to look out for. Every college at K-State has its own representative.
Larry McFeeters, response team representative for the College of Arts and Sciences, said one thing the team is looking out for are bad links in spam emails.
“I look at (an email) and if it is suspicious, I forward it on to the (Security Incident Response Team) people,” McFeeters said. “They can block the links very quickly and keep other people from having a problem.”
McFeeters said he also verifies if a computer has been cleaned properly after being infected with a virus so it can return to the network.
To Vaile, a big part of keeping K-State’s networks secure are all users being diligent as well as security teams.
“The biggest threat is phishing emails,” Ou said.
Many of the phishing emails may be posing as K-State’s Information Technology Services, asking for a user’s password information, according to Ou.
“Never respond with your password to these emails,” Ou said.