Online services recover from attacks

By Noah Grand
Daily Bruin Reporter

Despite recent disruptions of two online services at UCLA,
officials report that the incidents do not pose reason for
alarm.

“UCLA is a very high-profile organization. It’s not
too surprising that we have been attacked,” said Kent Wada,
UCLA Internet technology security director.

The undergraduate admissions decision Web site, which allows
freshman applicants to check if they were admitted to UCLA, was hit
with a denial of service attack on March 29, the day it was
released.

On April 5, someone sent an unauthorized mass e-mail to all
users on the BruinCard e-mail list server. The forged e-mail
appeared to have been sent by Linda Lee of the BruinCard
office.

Wada said this was this first time he had seen a forged e-mail,
and it was only a coincidence that these two attacks happened
within the same week.

“It’s not anything worse than what has happened
before,” Wada said.

The undergraduate admissions Web site received constant requests
for information from the attacker, which overloaded the Web site so
only one out of 100 users could get their requests processed. This
flood of requests was blocked and the Web site was reopened for use
on April 2, according to Rae Lee Siporin, director of undergraduate
admissions and relations with schools.

“This is the sort of thing that’s just not
right,” said Siporin.

Legitimate users usually send one request for admissions data,
so the site is set up to accommodate a certain number of users. In
this attack, the attacker or attackers may have sent so many
requests that the site could not process them all.

The person who committed the attack may be harder to stop than
the attack itself, Wada said.

“You can have 10 or 12 different Internet service
providers between the target and the user,” Wada said.

UCLA cooperates with individual providers, each with its own
security policies, to trace hackers through their systems.

This can be further complicated when law enforcement gets
involved because many providers will not disclose who their users
are without a court order.

“Part of the process we do follow is that we make sure law
enforcement is involved as soon as possible,” Wada said.

UCPD was called to investigate the undergraduate admissions
attack and has a detective working the case right now. The attack
originated out-of-state but the hacker has yet to be identified,
said Nancy Greenstein, director of police community services.

Other attempts to access UCLA systems have been stopped by
firewalls, which are programs designed to monitor systems and block
unauthorized access.

“We continually receive attempts to access our
systems,” said Michael Schilling, director of the Student
Technology Center.

Schilling said most of these attempts are port scans, meaning an
outside user tries to determine what programs on a computer are
connected to the Internet.

Computer users with constant Internet connections, such as
ethernet connections in dormitories, are at greater risk than modem
users, because their connections are active whenever the computers
are turned on.

Students in parts of Sunset Village and De Neve Plaza have also
reported problems using the Internet last week. The problems were
reported to STC Monday afternoon and were resolved by Wednesday
evening, according to Schilling. The problem appeared separate from
the attacks.

“We believe the technical difficulties in the dorms were
not a result of denial of service attacks or any penetration of our
firewalls,” Schilling said.

Dorm residents are responsible for protecting their own
computers and are not protected by the STC firewall, Schilling
said. Students can run personal firewalls on their computers and
STC can help them load these programs on their computers.

“It’s important to be sensitive to the importance of
having some firewall protection on your desktop. It’s equally
if not more important to have some virus protection on your
computer that is loaded and maintained,” Schilling said.

Schilling said users should update their virus protection
programs every few weeks, and that they should also secure their
passwords and keep them confidential.

Different levels of computer security are found throughout UCLA
because departments have varying needs.

“You want grades and money on a BruinCard to be as secure
as a bank. It’s critical to keep those systems really
stable,” Wada said.

Despite UCLA’s security measures, Wada expects attacks on
UCLA’s systems to continue.

“There are some things that you can do to protect the
network, and UCLA has done those things, but we can’t prevent
this from happening again with current technology,” Wada
said.

While he expects UCLA to be the target of more attacks, he said
he does not think UCLA is alone in this regard.

“I guess on the whole attacks have increased in frequency
and complexity,” Wada said.

A DENIAL OF SERVICE ATTACK A denial of service
attack will often pass through 10 – 12 different Internet service
providers when going from the attacker to the target, making them
hard to track. SOURCE: Kent Wada, Internet Technology Security
Director Original graphic by MAGGIE WOO/Daily Bruin Web adaptation
by CHRISTINE TAN/Daily Bruin

Leave a comment

Your email address will not be published. Required fields are marked *