Managing the Hacks

Jan 12, 2015

Recent cyber attacks have gotten the attention of everyone from the public to the president. Transcending national barriers and international law, hacking was once thought of as a prank – perpetrated by bright students with too much time on their hands.  Experts at Virginia Tech say it’s grown into a chronic problem that will need to be continuously “managed” rather than “solved.”  

I’m visiting the I.T. security office at Virginia Tech in person. But there’s a large screen that shows red dots where virtual visitors are connecting in real time to computers here.

“The red dots that you see here mean this is a machine that is currently being targeted and you can see it. These lines that are radiating out from campus, we see a whole number of these that are coming from Chinese sites, we see some coming from Indian sites, from Europe, the UK, Spain,” explains Randy Marchany, the Internet Technology Security Officer for Virginia Tech.

These international trips being made in the blink of an eye, not by a person, says Marchany, but by a robot, tirelessly checking in, hundreds even thousands of times a day in some cases.

“We call it a brute force guessing attack. I have a dictionary; I walk it through the dictionary and see if I get a hit.”

But a hit doesn’t always mean a hack or even that the visit is a hostile one, because hackers co-opt other computers to hide their trails.

“The challenge we’re starting to see in society is, the tools and the interest is growing and they can attack more computers simultaneously,” says Scot Ransbottom is Deputy Director of the IT Security Lab. “And the number of systems that are being affected is continuing to increase”.

And now the problem comes from not just what we think of as computers.  The new internet of things means that everything from vending machines to dishwashers are themselves computers, which can also be co-opted by hidden attackers.

“You have the twin threats. You have the one threat that is that you don’t know information is being stolen,” says Marchany. “And then you have the other threat, which is a privacy issue, which is, you’re giving away that information.”

Marchany says at this point, too many of us are making it too easy for would be hackers. Everything from weak passwords, to failure to check your connection history to identify potential threats are leaving door unlocked all over the internet.