By 
Download a new single, order that pair of sneakers you’ve been looking at, instant message your best friend, pay your cell phone bill, check your intermediate grade, and chat with your fellow philosophers all at once. Life as a college student would not be complete without the joys and conveniences of modern high-speed technology, available on virtually every campus across the country.
In fact, the cyber life has become such an integral part of the college lifestyle that many students don’t think twice about entering credit card numbers, social security numbers, and other personal information on websites regularly. nor do they take security measures. seriously. Unfortunately, your university’s computer network may not be as secure and fail-safe as you think. Take a look at the amount of information students provide online and the people who may be poking and potentially using that information against you.
The reality of risk
Don’t you think piracy could happen in your school? An alarming number of major universities, including the University of Nevada (Las Vegas, NV) and the University of Connecticut (Storrs-Mansfield, CT) have reported hacking incidents in 2005 alone. For these and other schools, servers were illegally infiltrated that contained personal data (social security numbers, dates of birth, phone numbers and addresses).
But just because a school is not aware of security violations does not mean they did not happen. “I don’t think any school can say beyond a shadow of a doubt that it has never had an instance of unauthorized access,” says Jason Wallace, director of information security at the University of Norwich (Northfield, VT). “Higher education is a very different situation from the corporate world; it is much more difficult to deal with security in a college or university.”
Opened …
Why is it so much more difficult to protect a university than a corporation or a home computer? “The whole concept of higher education has to do with openness and availability of resources,” explains Wallace. “I can’t imagine a university anywhere that has a website filter.”
Creativity and exploration are highly encouraged in academia, and as a result, hackers are more likely to find loopholes in a network that may not be ideally designed. In fact, most universities still need to increase their security to the rapidly advancing hacker and virus technologies.
“Schools are trying to catch up,” explains Dave Grant, director of product marketing for Watchfire, a company that produces Internet security software. “I would say that half of university websites are exploitable today, and about 75 percent of attacks that occur are because the sites are not as secure as they should be. The average web developer doesn’t necessarily know a lot about security, which is why sites are flawed. “
A human error
Beyond the “open” nature of universities, sometimes people just make mistakes and the situation is simply out of your control. More than 300 City University of New York (CUNY) students were surprised and alarmed to discover that their personal information, including Social Security numbers, loan information and amounts, and direct deposit information, was freely available. In Internet. According to CUNY spokesperson Michael Arena, the student’s information was made available due to human error. A school worker had accidentally placed the file outside the school’s protected firewall, making it accessible to anyone. The private data even appeared through Google.com, the massively popular search engine.
What can you do?
If you’ve ever lost a wallet, you know the stress of having to cancel your credit cards, get a new ATM card, apply for a new Social Security card, and rebuild the life that you so conveniently carried in your pocket or purse. Now imagine if all that information hadn’t just been lost, but was deliberately stolen from you and then exploited.
“For just the last five years we’ve been using the Internet to buy things, order products, enter personal information,” Grant explains. “We have good reason to do so, but hackers are finding it easy to steal personal information as we put more and more lives on the Web.”
Whether it’s infiltrating the databases that universities maintain online or your own personal computer, hackers have a variety of ways to obtain your personal information.
Protect your PC
To prevent this and other cases of identity theft from occurring, there are several precautionary measures you can take.
“The important thing for students to understand is that protecting themselves from things like identity theft is largely up to them,” says Matt Curtain, author of Brute force: cracking the data encryption standard (Springer, 2005) and frequent lecturer at Ohio State University (Columbus, OH). “Keep personal information personal. On campuses you will find people with tables set up trying to offer you credit cards or free cell phones and asking you to give them your Social Security number – don’t. The only time it needs to be disclosed for tax reasons or when it comes to the Social Security Administration. “
Also, take the time to configure your personal computer to be as resistant as possible to hackers. “Using passwords for common names (your girlfriend or boyfriend’s name, no combination of numbers and letters) is a big problem,” Grant explains. “They are easy to crack because hackers have programs that run through millions of simple login names looking for a match.”
Up-to-date virus protection is also a must. “There is a lot of free antivirus and antispyware software,” he adds. “Download it and keep it updated. Software that is a month old is useless, because new viruses are constantly appearing.”
A job inside
So these hackers are big cyber bad guys who have nothing better to do than steal your personal information, right? In fact, sometimes the culprits are your peers.
In March 2005, approximately 150 applicants from six of the nation’s top business schools exploited a security vulnerability in a widely used admissions database for universities and accessed the site incorrectly. Schools invaded included Dartmouth College (Hanover, NH), Carnegie Mellon University (Pittsburgh, PA), Duke University (Durham, NC), Massachusetts Institute of Technology (Cambridge, MA), and last but certainly not least Harvard University (Cambridge, MA), which wins this year’s Most Enthusiastic Applicants award, with 119 trespassers. All schools except Dartmouth refused to admit any of the students, calling the infiltration a serious violation of ethics.
Hacking 101
For those of us who think that “encryption” is something you’d see in a horror movie, here’s a breakdown of some of the ways tech thieves can get hold of your wares.
1. Forced browsing: let’s say you’re on a website and the URL in the top browser window ends in the digits “444”. Sometimes just by altering the digits to a different number, like “445” for example, a hacker can access other pages on the web.
2. Testing for holes: A more advanced way to hack is by creating applets that click and click to find holes in computer systems. Once the slightest breach in security is found, the system can be accessed improperly.
3. Phishing – Sometimes hackers create websites that look exactly like authentic sites to trick users into entering personal information. For example, a hacker can create a site that looks like Hotmail, Bank of America, or eBay. Users then enter email addresses, passwords, credit card information, and other personal data, which hackers can use.