Keeping Away Digital Demons

[InfoSec News <isn () c4i org>]

http://www.inform.umd.edu/News/Diamondback/archives/2003/03/10/news4.html

By Rachael Jackson 
Staff writer 
Mar 10, 2003 

He doesn't have a badge, handcuffs or a neatly pressed uniform, but he
helps track down criminals operating across the world.

He works with the FBI and state police, but he's never studied
criminology. He protects what is dear to you, but chances are you'll
never meet him face-to-face.

His name is Gerry Sneeringer and as the Office of Information
Technology's security officer, it's his job to keep your computer out
of harm's way by patrolling the university network, keeping hackers
and viruses out and tracking down e-mail offenders.

With 30,000 computers on the university network, the campus is more
vulnerable to attacks and can spread viruses more easily than typical
computer systems.

"As long as we've had computers on campus, we've had people trying to
mess with them," he said.

The man on the "right" side of the gigabyte said he doesn't really
feel like an officer, but so far his efforts have kept out hundreds of
viruses and hackers, helped solve a dozen e-mail harassment cases and
secured the campus against an unknown number of computing
catastrophes.

Sneeringer plays detective in e-mail harassment cases where
perpetrators, often ex-boyfriends or girlfriends, send death threats
and other menacing notices from anonymous computer labs. He traces
them through the log-in service, which identifies recent users, and
shares what he learns with police.

During the summer, 130 faculty and staff systems were hacked into and
used for unauthorized purposes. Sneeringer cut the number to 10
incidents between October and December.

Also last summer, hackers remotely connected to campus computers,
exploiting users who had not set up Windows passwords as a security
measure. They copied movies onto university systems, but Sneeringer
tripped them up when he blocked their access to the computers with a
Microsoft protective protocol.

"Over time we learn those techniques," he said, "It's an ongoing war."

The FBI was not involved in that case, but Sneeringer works with the
agency in cases that involve large amounts of money and go through
government computers. When the FBI traces a computer to the
university, Sneeringer helps them work down the chain to find their
hacker.

A large part of the computer security problem on the campus, he said,
is that students are not installing proper security updates.

"If the getaway car belonged to someone else, the police would waste a
lot of time tracking down the wrong car," he said. "The key is being
aware that the Internet is a dangerous place for a computer to be," he
said. "It's like walking down a dark street."

Sneeringer's position was created last summer as universities across
the country increased preparedness for attacks against computer
systems. His job is to follow the electronic trail to the original
offender. Internet criminals, who take advantage of the speed of the
university network, are often working from Europe or Asia.

Mostly though, he said he handles small incidents.

"We've never had a really big, ugly, hairy hacking incident," he said,
attributing that success to good technology administrators and good
luck. "We haven't presented a juicy enough target."

And by constantly securing the network, Sneeringer plans to keep it
that way.

Security at universities provides a special paradox, said OIT
spokeswoman Joan Martinez. "We have to balance open knowledge and
research with security," she said. Last year Sneeringer led the battle
against the Klez virus, a rapidly spreading worm that deletes computer
files on set days of the month. He had to give the order to turn off
network service to 700 computers, but the virus was contained and the
network saved.

Sneeringer, a Riverdale, Md., native, who now lives in Chesapeake
Beach with his wife and 3-year-old son, came to the campus as a
computer science undergraduate in 1981. In 1984 he was a student
employee at the Computer Science Center. He joined the staff of the
OIT help desk full-time in 1986. In 1989, a year before he graduated,
he joined a networking group on the campus. From then until last
summer he worked as a networking engineer, until he became the
security officer.

"I've always been the person who's had to help out in terms of
investigating things. You feel like you're doing some good. If I'm
doing my job well, we get to the bottom of the situations or prevent
them from happening."

His job does involve a "cops and robbers" element, he said, but it's
much more about security education and holding down the technology
fort.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.