After Jackson Chu ’04 found that words in his e-mail started to delete by themselves, he knew his computer was being hacked into last Tuesday. Chu was typing an e-mail when the mouse cursor started to move on its own.
Chu was not worried at first, thinking he accidentally moved his laptop mouse. A few moments later, however, words from his e-mail started deleting. The hacker continued by deleting Chu’s whole sentence and e-mail before writing a “sentence of obscenities.”
“I was in shock and before I could do anything, the hacker sent the e-mail,” Chu said. At that time, he was writing an e-mail to inquire about a possible internship.
Chu said that earlier that evening, his media player started to play music by itself. He did not consider the possibility that his computer was being hacked.
Chu’s hall mate Harlan Crystal ’04 and another friend came to help clean out the bug. They closed the connection immediately and traced the hacker’s Internet Protocol (I.P.) address back to the United Kingdom.
“It’s pretty freaky to see the mouse moving around by itself,” Crystal said.
Hacking incidents like these are on the rise according to Tracy Mitrano ’95, policy advisor for the Office of Information Technology (OIT). In Chu’s case, the intrusion might have been facilitated by a hacker easily deciphering Chu’s network or computer password.
“This fall we have had about the same number of copyright infringement notifications. What is different is that a high proportion of those notifications are the result of computer compromise (hacking),” Mitrano said.
There have been approximately 150 reported compromises this year according to Dave Vernon, director of Information Technology Architecture for OIT.
“The actual count will be much higher as local users address the problem without reporting them to the Network Operation Center (NOC),” Vernon said. He added that Cornell receives approximately 10,000 “scans” each year. A “scan” attempts to find the vulnerabilities of a system.
According to Vernon, security incidents should be reported to the NOC.
The NOC will then help gather information about the attack and notify Cornell Information Technologies (CIT) Security Staff and CIT Helpdesk to try and resolve the problem.
“Preventing compromises in the future requires an ongoing and diligent effort by the system owner to assure that their desktop is correctly configured,” Vernon said.
The University is taking measures to educate the community about this worrying trend. OIT and CIT are taking new measures such as revising policy and establishing campus security standards to prevent computer compromise cases.
In addition, OIT is creating a new program called the Information Technology Security Program (ITSPro), partly aimed at highlighting awareness about computer security. Currently, OIT is looking for someone to fill the head position of this program. Mitrano said this program “will encompass the entire campus.”
“Everyone has to heighten their awareness of security,” Mitrano added.
According to Mitrano, the best way to prevent hacking is to create a secure, algorithmic password that cannot be easily cracked. She said that about 98.5 percent of these cases would be taken care of if proper password measures are made.
“If they don’t have a secure password, it is easy to get into your computer. [Upon breaking in], the hacker could do whatever they want,” Mitrano said.
Mitrano said it is difficult to find a hacker because the individuals usually cover their tracks well. She said that most of the cases have not involved University community members.
Still, Vernon emphasizes that unless the community secures their computers, “I.T. security at Cornell will be marginal at best.”
“You’re never really safe from hackers. I thought I’d never be hacked into,” Chu said.
Archived article by Brian Tsao