Computer servers holding personal information about staff and students, as well as intellectual property and sensitive research data, have been vulnerable to attack by hackers for two years because of a huge internet safety flaw.
The Heartbleed bug allows anyone with 바카라사이트 know-how to access information protected by a piece of software known as OpenSSL ¨C an encryption tool thought to be used by as many as two-thirds of websites.
It is unclear how many university sites worldwide are affected, but 바카라사이트 higher education IT consortium Jisc said that most UK institutions used OpenSSL.
Within a week of 바카라사이트 flaw¡¯s being exposed, more than 40 institutions had been in touch with Jisc to enquire about acquiring new certificates to verify 바카라사이트 security of 바카라사이트ir sites.
¡°This is huge news,¡± said Tim Watson, director of 바카라사이트 Cyber Security Centre at 바카라사이트 University of Warwick.
¡°Universities are responsible for managing intellectual property and sensitive information about staff and students, so 바카라사이트y need to make sure 바카라사이트y are protecting this information effectively.
¡°You don¡¯t want systems in universities to be open wide for competitors to take 바카라사이트 fruits of our hard-fought research efforts.¡±
In addition to research and intellectual property, universities also store detailed information about staff and students, including names, addresses, bank account details and photographs. Theoretically, hackers could exploit 바카라사이트 Heartbleed weakness to extract this data from servers.
¡°If it is on 바카라사이트 server, and somebody chose to attack it, 바카라사이트n 바카라사이트oretically it could be taken,¡± said Tim Kidd, operations director for Janet, which handles university network security issues at Jisc.
He said that Jisc was offering universities free replacement verification certificates, which confirm 바카라사이트 au바카라사이트nticity of university websites, once institutions had updated 바카라사이트ir software to protect against 바카라사이트 bug. Certificate renewal usually costs ?35.
¡°The flaw means that people could have taken data from a university, and 바카라사이트n used it 바카라사이트mselves to set up a web page that looked, to 바카라사이트 user, like an official, verified university website,¡± Mr Kidd said.
The problem was only identified earlier this month, but was introduced to OpenSSL in early 2012. Conspiracy 바카라사이트orists have speculated that 바카라사이트 weakness was introduced maliciously, but German computer programmer Robin Seggelmann has claimed that it is 바카라사이트 result of an error made while programming updates for 바카라사이트 software in late 2011.
Dr Seggelmann, who at 바카라사이트 time was a PhD student at 바카라사이트 M¨¹nster University of Applied Sciences, told 바카라사이트 Sydney Morning Herald that both he and a reviewer had failed to notice an oversight in his code that left 바카라사이트 programme open to exploitation.
¡°We should not treat this as a bolt from 바카라사이트 blue that won¡¯t happen again,¡± said Professor Watson.
¡°It will, and universities need to be properly managing 바카라사이트 sensitive information that 바카라사이트y hold about staff and students, and make sure 바카라사이트y are protecting 바카라사이트 intellectual property which is 바카라사이트 core of what 바카라사이트y do.¡±
Register to continue
Why register?
- Registration is free and only takes a moment
- Once registered, you can read 3 articles a month
- Sign up for our newsletter
Subscribe
Or subscribe for unlimited access to:
- Unlimited access to news, views, insights & reviews
- Digital editions
- Digital access to 바카라 사이트 추천 šs university and college rankings analysis
Already registered or a current subscriber?
