On Monday, April 2, an unknown Chinese entity attacked Macalester’s web server, briefly disrupting internet access. The network outage lasted seven minutes, but no Macalester accounts or servers were hacked and no information was compromised.
The outage was caused by a Denial-of-Service (DoS) attack, which, according to the Information Technology Services (ITS) Notices and Alerts blog, shuts down a network, making it inaccessible to its intended users. This type of attack is not typically used to siphon information from its target. On Monday, the DoS flooded the network until service was lost.
ITS discovered the attack after the school’s monitoring system triggered alerts, ITS Infrastructure Manager Alan Nord wrote in an email to The Mac Weekly.
According to Nord, there is no cause for campus concern.
“These types of attacks happen multiple times per day,” Nord wrote. “Normally, they don’t cause any issue or disruption. We have technology and solutions in place to prevent all types of attacks and remediate issues, but in this case the amount of traffic was too great and overwhelmed our firewall’s resources.”
Cyberattacks like these have become increasingly common on college campuses. A 2013 New York Times article found that American research universities in particular can face up to 100,000 hacking attempts per day from China alone, as well as a significant number from Russia and Vietnam.
While the attempt was commonplace, Nord said, the fact that it caused a disruption came as a shock.
“We are working with support to see if there is a defect in the firewall or if we need to make adjustments to combat future attempts,” he wrote.
According to Associate Director for Administration of ITS David Sisk, despite the attack, Macalester’s firewall is very secure.
“We have a firewall of Palo Alto equipment that gives us a good, strong layer of protection,” Sisk said. “[The attack] raises alarms that [Nord] and his staff can look at to see what can be done about it – how we can recover more quickly, how we can protect ourselves better – I’m sure if they find ways that [the attack] hit us that can be prevented they will take those steps.”
Sisk noted that attacks like these tend to do more to scare students than they do to compromise Macalester’s systems.
“They start thinking, ‘a Chinese entity – what does that mean?’, Sisk said. “Well, all it means is that we tracked it to an IP address where the computer was in the People’s Republic.”
“I think they’re right to worry, but it should be the same way I worry about driving home at night,” he continued. “It makes me a better driver, but it doesn’t stop me from driving back from work.”
According to Sisk, students can take several steps to protect their information from similar attacks.
“Change your password, don’t click on weird-looking URLs, and if you see anything strange, send it to the Help Desk and ask for assistance,” he said.