A new student organization focused on network security has surfaced on campus called the IU Southeast Computer Security Group.
The goals of the group are to inform students about Internet computer threats, create new credit courses for computer security training on campus and attend competitions against other universities.
Currently, the group has 17 members.
Brandon Grindatti, informatics senior, is the vice president of the CSG and said the group focuses on network security on both a personal and corporate level.
“For students on the personal level, our job is to teach you how to protect yourself from someone trying to steal your files, your credit card numbers and your bank statements right off your computer, and that’s very possible nowadays,” Grindatti said. “This happens because people don’t have the awareness they need.”
The group plans to hold weekly call-out sessions, in which they will present information and tools to attendees that will help them heighten their Internet security.
“Everything is becoming so complex,” Grindatti said. “Technology is evolving faster than most people can keep up with. Our job is to look at these evolutions and pin point the weaknesses in certain systems. Our job is to show people how to secure themselves against threats.”
Ruben Dodge, computer science junior, is the president of the CSG. He said if someone hacks a computer, they essentially have control over the device, such as being able to copy files and monitor websites used.
“They can even see you through your webcam and can turn on your microphone and listen to you,” Dodge said.
Grindatti said this can easily be avoided by keeping a computer updated.
“If you have the proper software installed and the proper setup on your operating system, that will eliminate the threat right there,” Grindatti said. “We want to bring awareness to people so they know that these people are out there. They are out to get your information, and this is how you stop them.”
The group recommended several steps students can take to protect themselves, such as installing a firewall and an anti-virus software. Dodge and Grindatti said they recommend SuperAntiSpyware and Malwarebytes.
“Those are just a few names among a laundry list of tools and applications you can use to counter most malicious cyber threats,” Grindatti said.
Free software is also available for students to download through the IUware website.
The group advises Internet users to take other precautions, as well.
“Make sure you have different passwords for each website you visit,” Dodge said. “If one of your accounts is hacked, they can access any other online account that has the same password. You can’t guarantee 100 percent that you’re going to be secure, but you can make it very hard for a person to be any kind of threat.”
Grindatti said if the hacker received enough information from a student’s account they can steal their identity.
“Ninety-nine percent of hacking is opportunistic,” Grindatti said. “They’ll do one big scan, and, if there’s nothing particularly vulnerable, they’ll move on to something else. It’s very, very rare that you encounter someone who really knows what they’re doing.”
Dodge said only five percent of hackers can actually code their own viruses.
“All they do is download a program off the Internet and use it,” Dodge said. “The hacking is done automatically.”
However, the group also works on a corporate level with network security.
“With businesses nowadays, Internet security is getting so big,” Grindatti said. “Companies have millions of personal credit card numbers on file and even social security numbers. When hackers get this information, they sell it to the highest bidder.”
Last year, the electronic company Sony was hacked, causing 70 million credit card numbers and addresses to be stolen.
“Afterward, they lost 30 percent of their online customer base,” Grindatti said. “One-third of their users are unsubscribed. Our job is to thwart that, to patch vulnerabilities and to shut them down.”
Grindatti also said, while some companies are wary of spending money for computer security, it makes a large difference in the long-run.
“You can’t put a price tag on peace of mind,” Grindatti said.
Since many universities have a Computer Security Group, competitions between the groups are hosted across the country.
Twelve members of the group attended a competition in Fort Wayne, Ind., on Feb. 18.
During the day-long competition, they worked to defend a virtual business network from cyber-attacks created by a team of hackers.
“At the national level, you’re up against Ivy League schools, like Harvard, who are trying to defend against attacks by actual members of the National Security Agency,” Dodge said. “You’re versing the most pro hackers that could ever attack your network. They’re on your internal network, they’re organized and they have a plan.”
Grindatti said it is the worst case scenario in regards to hacking.
“This level of hacking is something we hear about on the news,” Grindatti said. “Like when a Chinese organization hacked several Google servers in the U.S., or when the Iran nuclear power plant was hacked. That’s the level we’re talking about.”
John Doyle, associate professor and coordinator of computer science, and Sridhar Ramachandran, assistant professor and coordinator of informatics, are faculty advisers for the group.
With the help of its staff advisers, the group plans to create several courses for computer security training, which will be available to upper-level informatics and computer science majors.
“We have some very good and enthusiastic students,” Doyle said. “They’ve really taken the ball and run with it. I just try to answer any questions if I’m able to.”
The group also hopes to gain more funding in the near future so they can expand the program.
“There’s some on-campus sources available for funding,” Doyle said, “but, for something like this, we’ll probably be trying to identify a good partner off-campus, too.”
By S.B. WEBER
Staff
samweber@ius.edu
