http://www.inform.umd.edu/News/Diamondback/archives/2003/03/10/news4.html By Rachael Jackson Staff writer Mar 10, 2003 He doesn't have a badge, handcuffs or a neatly pressed uniform, but he helps track down criminals operating across the world. He works with the FBI and state police, but he's never studied criminology. He protects what is dear to you, but chances are you'll never meet him face-to-face. His name is Gerry Sneeringer and as the Office of Information Technology's security officer, it's his job to keep your computer out of harm's way by patrolling the university network, keeping hackers and viruses out and tracking down e-mail offenders. With 30,000 computers on the university network, the campus is more vulnerable to attacks and can spread viruses more easily than typical computer systems. "As long as we've had computers on campus, we've had people trying to mess with them," he said. The man on the "right" side of the gigabyte said he doesn't really feel like an officer, but so far his efforts have kept out hundreds of viruses and hackers, helped solve a dozen e-mail harassment cases and secured the campus against an unknown number of computing catastrophes. Sneeringer plays detective in e-mail harassment cases where perpetrators, often ex-boyfriends or girlfriends, send death threats and other menacing notices from anonymous computer labs. He traces them through the log-in service, which identifies recent users, and shares what he learns with police. During the summer, 130 faculty and staff systems were hacked into and used for unauthorized purposes. Sneeringer cut the number to 10 incidents between October and December. Also last summer, hackers remotely connected to campus computers, exploiting users who had not set up Windows passwords as a security measure. They copied movies onto university systems, but Sneeringer tripped them up when he blocked their access to the computers with a Microsoft protective protocol. "Over time we learn those techniques," he said, "It's an ongoing war." The FBI was not involved in that case, but Sneeringer works with the agency in cases that involve large amounts of money and go through government computers. When the FBI traces a computer to the university, Sneeringer helps them work down the chain to find their hacker. A large part of the computer security problem on the campus, he said, is that students are not installing proper security updates. "If the getaway car belonged to someone else, the police would waste a lot of time tracking down the wrong car," he said. "The key is being aware that the Internet is a dangerous place for a computer to be," he said. "It's like walking down a dark street." Sneeringer's position was created last summer as universities across the country increased preparedness for attacks against computer systems. His job is to follow the electronic trail to the original offender. Internet criminals, who take advantage of the speed of the university network, are often working from Europe or Asia. Mostly though, he said he handles small incidents. "We've never had a really big, ugly, hairy hacking incident," he said, attributing that success to good technology administrators and good luck. "We haven't presented a juicy enough target." And by constantly securing the network, Sneeringer plans to keep it that way. Security at universities provides a special paradox, said OIT spokeswoman Joan Martinez. "We have to balance open knowledge and research with security," she said. Last year Sneeringer led the battle against the Klez virus, a rapidly spreading worm that deletes computer files on set days of the month. He had to give the order to turn off network service to 700 computers, but the virus was contained and the network saved. Sneeringer, a Riverdale, Md., native, who now lives in Chesapeake Beach with his wife and 3-year-old son, came to the campus as a computer science undergraduate in 1981. In 1984 he was a student employee at the Computer Science Center. He joined the staff of the OIT help desk full-time in 1986. In 1989, a year before he graduated, he joined a networking group on the campus. From then until last summer he worked as a networking engineer, until he became the security officer. "I've always been the person who's had to help out in terms of investigating things. You feel like you're doing some good. If I'm doing my job well, we get to the bottom of the situations or prevent them from happening." His job does involve a "cops and robbers" element, he said, but it's much more about security education and holding down the technology fort. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Mar 12 2003 - 01:28:44 PST