By Katlin Sweeney
Editor in Chief
Students need to be aware of the harsh reality and prevalence of hacking in the modern era, especially in light of the cases involving CSUSM students in the past few years.
What may have previously seemed like an issue that was not relevant has become a central concern for many students. While many people are aware of the warning signals of an email containing a virus, hacking is ever expansive, sometimes resulting in the manipulation of your own device against you.
According to Information Security Officer Teresa Macklin in CSUSM’s Instructional & Information Technology Services (IITS) department, three major kinds of hacking are what typically target college students, or have already done so in the past.
The most well-known type of hacking amongst college students is phishing or spamming. In this particular form, the hacker will send an email or notification to the user’s computer/device, asking for personal information or some sort of attention. If opened or responded to, the person’s information can be sold to various criminal organizations and their account will be used by hackers to manipulate further.
“In our case, hackers would try to get your username and password to log in to one of our mail servers as you, and then they use that to send out thousands and thousands of messages in our mail server. They [also] want to get access to your social media account, and if they do that then they can use your access to access your friends and post things for them to click on,” Macklin said.
With the existence of large databases containing the personal information of thousands of people like at CSUSM, Macklin said the university takes extra precaution to make sure students are not at risk when they put trust into the school.
“Your campus email address is directory information, so it’s not that difficult for people to get email addresses for people on campus; we list those. One of the things that we do is we pay for filtering software so that when people get those and try to send us spam, they are generally blocked. We have a number of things we do to try to protect those things from happening,” Macklin said.
Another kind of hacking that threatens college students is gaining access to their webcam. Hackers may use the first tactic of hacking into an email or social media account to gain access to personal information or figure out how to break into the user’s device without them knowing. In the recent arrest of Jared James Abrahams, the FBI reported that he allegedly utilized hacking software and the domain name “cutefuzzypuppy” to infect his victims’ computers so that he would have access. He also was allegedly linked to hacking forums where someone with the same domain name was asking questions and researching how to use malware and control webcams. Macklin asserted that crimes with a personal element are a huge risk for college students more than large-scale viruses are.
“Some people have a mission to target an individual instead of a group of individuals, so you have to watch out for both things. For students, it’s more common that it would be a sexploitation-type crime that they could be at risk for, versus a CEO of a company has to worry about the hacker looking for access to the financial records in their system,” Macklin said.
The use of physical hacking devices are also of concern, CSUSM students exposed to their existence first-hand about a year ago. In July of this year, former CSUSM student Matt Weaver was sentenced to a year in prison for counts of wire fraud, unauthorized access of a computer and identity theft, to which he plead guilty. Over the span of January to March 2012, Weaver installed keylogging devices on various computers on campus so that he could get the user identification and passwords of 745 students and staff. He stored the information on spreadsheets in his computer and then used them in order to try to rig the ASI presidential election in his favor.
Macklin stated that the use of the keylogging device to gain personal information of students and staff at CSUSM made the issue of hacking a greater concern for the university as a whole.
“It’s pretty rare to see [those devices used]. It is an unusual amount of effort, and expensive, to see a physical device used by a student. The way more common thing is phishing,” Macklin said. “We had never had that happen here before, those devices a couple years ago were $35 to $50 a piece, so the idea that someone would want this so bad to install them and use them, it was so highly unlikely. After that incident, we’ve purchased something to lock down the back of every computer on campus and want students to be more aware of protecting personal information.”
While it may seem like students are becoming more tech-savvy, Macklin said that expansion of resources is the real cause of the problem.
“Over the past few years, what’s more common is that the resources needed to do this kind of thing are available publicly. The tools you need are available; what you really need is the will. I wouldn’t say that it’s more common or people are more capable. I think that people use more computers on a day-to-day basis so there is more of an opportunity,” Macklin said.
The best way to arm yourself against becoming a victim of hacking is to follow simple precautions that will in the end, save your identity.
“The key is for everybody to protect themselves is to get virus protection and keep it current. Also have a consciousness that your identity and your identity information are valuable to somebody. Students should also change their passwords as often as possible. If you’re faculty/staff here, you have to change and update your password every twelve weeks.”
For more information and resources on how to prevent hacking, check out the Information Security portion of the IITS department website at https://csusm.edu/iits/security/index.html.
JeffM • Oct 27, 2013 at 8:22 am
Great read, awesome job Katlin! 😉