http://www.chronicle.duke.edu/vnews/display.v/ART/2004/01/22/400fd304cd30b

by Andrew Collins
January 22, 2004

Some students coming back from fall study abroad have discovered, to their dismay, what others in the University have known for months: Duke computers are under siege from hackers.

Since August 2003, the Office of Information Technology has had to reinstall the operating systems of hundreds of hacked computers--the computer equivalent of a lobotomy. Although not unprecedented, the recent surge in hacking has inconvenienced many and shows no signs of abating.

Former study abroad students report that a disproportionately high number of their fellow travelers have been hacked. A possible reason is that since they were gone last semester, some of these returning students may have failed to take precautions OIT recommends to guard against hacking.

Junior Vinitha Kaushik said she did not pay adequate attention to an OIT security patch download page that greeted her when she returned to her computer from a France study abroad program.

"They put the patch in the middle of a registration form," she said. "All I really wanted to do was get back on the Internet when I got back to school, so I skipped the middle part."

Kaushik's computer was promptly hacked.

OIT security officer Chris Cramer said computers become vulnerable when individuals fail to create an administrator password or when they fail to download security updates for their operating systems. Most of the University's recent hacking cases have resulted from a lack of an administrator password, he said.

The identity of the hackers--and Cramer said there are almost certainly multiple people involved--is largely impossible to trace. Many of the suspected hackers are thought to be from foreign countries, including Brazil, while others are suspected to be from within the United States.
The Federal Bureau of Investigation has not taken up any Duke cases yet, Cramer said, because the amount of damage from each hacking is relatively small.

Cramer said there are three main motivations to hacking Duke computers: fun, data storage and as a means to attack other computers. Although the hackers' amusement factor may be impossible to gauge, hacked Duke computers have been used for data storage and, occasionally, to launch attacks on other computers.

"Typically, these are teenagers--younger teenagers--just looking for thrills," Cramer said. "The folks who break into the machines are [often] looking for some computer where they can store movies, music, pornography, et cetera, all these illegal materials, so that other people can download them."

The standard OIT protocol for dealing with hacked computers is to wipe clean the hard drive and reinstall the operating system. This reinstallation service is free but leads to five to seven days of computer deprivation, as well as the inconvenience of having to back up important data and reinstall programs.

Hacking victims, predictably, voiced their displeasure about their computer lobotomies.

"It's awful," Kaushik said. "I live in Edens [Quadrangle]; the computer lab isn't even close and applications and resumes are due."

"It's just sort of a pain... actually, it's a big pain," said junior Kate Hansen. "I don't have a burner, so all my music and picture files are gone. I was only able to salvage some [Microsoft] Word files and stuff."

For those who did not save their original CD-ROMs for application packages such as Microsoft Office, the operating system reinstallation can become quite expensive. Duke Computer Store manager Clarence Morgan said the computer store cannot replace lost disks.

OIT insists on reinstalling hacked operating systems because of the relatively unlikely possibility that a hacked system could attack other computers on the network.
Failure by a hacked individual to bring his or her computer to OIT within a week results in a severed internet connection, Cramer said.

"Unless you really know what you're doing, the safest thing to do is reinstall the operating system and then restore that data to a clean computer," Cramer said. "You can attempt to get the hacker off your system, but it's never as simple as just changing your password, because usually the hacker has installed back doors--ways they can get back in."

Some students are complaining about shorter-than-advertised periods between initial notification and losing their internet; others say their computers have remained in the shop longer than five to seven days.

Despite the grumbling, most praised OIT workers' helpfulness and others have even identified positive aspects to being temporarily stripped of their computers.

"My roommate's computer got hacked into too," said Hansen of her fellow study abroad veteran, junior Jessica Laun, "so we actually have real conversations."