Dominican U. Secures Network to Protect Students and Faculty
Worms, viruses, spyware and other malicious code are a rapidly growing problem. According to computer industry associations, major viruses such as Sasser are costing companies, individuals and educational institutions worldwide billions of dollars annually. Considering this type of damaging code hits computer networks a few times a year, it represents a significant drain on productivity as well as an unnecessary expense.
While worms and viruses are dangerous enough, spyware can cause even more damage. Spyware is code that is downloaded after a user hits the “I agree” button at the end of a long list of tiny type when downloading instant messaging or other free applications. The software transmits information back to individuals or companies about users’ Web surfing activities, resulting in pop-up ads and other productivity hindrances. Spyware is difficult to remove and can be used to log keystrokes to steal valuable information. Where a worm or virus deposits only a handful of files in a computer and makes minimal changes to a registry, spyware deposits hundreds of files and can make thousands of changes to a registry.
Dealing With Threats
At Dominican University of California, we deal with all three of these threats to privacy and security. Like many schools, we are continually hit with worms and viruses, including especially damaging ones like the Blaster worm. In 2003, the Blaster worm hit us like a plague. Since Blaster infiltrates the network, it affected all of our Windows XP, NT, 2000 and Server 2003 systems. It eventually took down our network, requiring hours to get the system up and running again.
Currently, the effort to protect users from viruses, worms and spyware falls on the shoulders of IT administrators. But based on the ubiquity of this threat, we’ve come to the conclusion that we in IT can’t do it alone. If these threats are to be beaten - and they must be if we’re going to maintain an open, productive computing environment - other groups must step into the arena along with us. We recommend the following three-part process for dealing with malicious code: education, protection and regulation.
Education. Computer users are, and will remain, the first line of defense against malicious code. Viruses and worms are transmitted through e-mail, so it’s essential that students and others are aware of what e-mail is likely to contain and can recognize messages that are suspicious. Given the media coverage of worms and viruses, awareness of suspicious e-mail is very high. Unfortunately, most users don’t know about spyware and how it winds up on their hard drives. Companies that distribute adware and other legal spyware have a responsibility to clearly explain what these applications are and when they will be downloaded along with instant messaging and other applications. More importantly, companies have a responsibility to include “uninstall utilities” with clear instructions on how to use them. If companies or industry associations cannot regulate themselves in this area, it may require government action.
Protection. There are powerful applications to protect the computer network. At Dominican, we use Total Traffic Control (TTC) v5.0 from Lightspeed Systems (www.lightspeedsystems.com). TTC is a comprehensive security suite that protects against all types of malicious code and spam. The software also enables us to manage the bandwidth of our network to relieve bottlenecks caused by peer-to-peer programs and other popular student applications. With TTC, we effectively gain additional bandwidth without incurring the extra cost of T1 lines. All of the software’s functionalities came into play when we were hit by the Sasser virus earlier this year. The network traffic generated by the virus was quickly identified by TTC and stopped before it saturated the university’s firewall and Internet connection. Using TTC, Dominican was able to identify the exact student machines that were infected and notify students of the problem.
Regulation. As noted above, there may be a role for government involvement in making large companies more forthright about the installation and removal of adware and other spyware. There’s certainly a role for the government in the identification and prosecution of those individuals who promulgate damaging malicious code. These are people who cost companies and schools worldwide hundreds of millions, or even billions, of dollars. Therefore, significant government resources should be devoted to identifying, apprehending and holding accountable those responsible for disrupting the world’s most important communication and learning tool.
Worms, viruses and spyware are a reality for the foreseeable future. I believe that we’ll eventually find the right combination of educational, technological and legal tools to beat them back until they’re no longer a significant threat. But until that day, IT administrators will continue relying on security software such as TTC to protect our students and faculty, as well as fulfill the educational promise of the Internet.
This article originally appeared in the 04/01/2005 issue of THE Journal.