Added authorization coming to myUSI portal

Chief Information Officer talks hacking, latest updates to campus IT

It may soon become more difficult for hackers to gain access to students emails.

A multifactor or dual factor authorization process is being developed for the university’s myUSI login portal, but could be years out.

“That’s a process where when you go to log on it will probably trigger your phone with a message that says somebody’s trying to log on to your myUSI account,” Chief Information Officer Richard Toeniskoetter said. “It’s added safety to the campus community.”

A multifactor or dual factor authorization process is being developed for the university’s myUSI login portal, but could be years out.

He said the university does not yet have the technology put in place to add the authorization.

“We want to do it with myUSI, but we need to get there and it costs some money to do,” he said.

Toeniskoetter said he is hearing that almost every university in the country is looking at this.

“It makes it harder for a hacker to get in because if they steal your password they still cannot get in without that phone or whatever the second vector is, and what we don’t want is to be the last university that does this,” he said.

He said USI does not want to be at the tail end of universities who have not implemented the program.

“We certainly are not going to be at the front end,” Toeniskoetter said. “There are lots of universities that have done this, but we don’t want to be at the tail end and we want to get this done, our upper level and senior management have been very supportive of solving these things, and we are in good shape on that.”

As for the overall influx of hackers this year, Toeniskoetter said the situation continues to be worse as the creativity of the hackers increases.

“It appears to me that this is worse than ever,” he said. “The amount of mail that we are seeing hitting the campus is enormous now and a lot of it is being stripped more than in the past.”

He said IT is doing a better job of stripping it with the Microsoft tools available.

“It’s an enormous amount of emails coming in, but what we are hearing from other schools and security people is that the hackers are recognizing that bad attachments are getting blocked,” he said. “So it’s getting harder for a bad attachment to come through so their tactics are changing a bit to social engineering and trying to get you to fall first.”

He said hackers are adapting and going down the path now with social engineering.

“Email still remains the number one attack vector because it is the easiest way to get something in front of you,” Toeniskoetter said. “So that’s still where huge volume there and then they are branching out into facebook and text messages.”

USI has been spared from any breach this academic year.

Toeniskoetter told The Shield in Oct. 2017 hackers had breached an official IT Advisory,  retrieving an exact copy of the advisory and sending it back to campus emails asking for verification of a password. He said the university is cautious using the word “breach.”

“Last year we thought we were going through a denial of service attack that’s where (the hackers) flood the system from the outside and try and crash out,” he said. “It overloads the network and then you can’t get any work done sometimes, we have had some attacks we have had to mitigate but we have not lost data or seen any comprised data systems, were in good shape but you can never say never.”

He said the main deterrent against out forces is the campus firewall.

“(The firewall) is very actively looking at content and blocking it and it subscribes to a service of known bad actors and watches for content that may be trying to talk back and forth and will automatically block that,” he said. “If a new bad actor gets added to that list we are immediately getting the benefit of that, so the firewall is our primary mechanism for protecting the campus.”

Toeniskoetter said in the next few weeks the university will look to hire a management services security provider (MSSP). The MSSP is a company that IT that provides an organization with cybersecurity monitoring and management.

 

“What they would do is 24/7, 365 days a year actually monitor the firewall logs,” he said. “They will monitor the logs in real time and if they see anything they will jump on it right way.”

Toeniskoetter said it would be cost prohibitive for the university to try and build a similar program in house.

“But we are looking at this as a partnership with an Indiana company to solve this for us, that will be a real improvement to our security posture,” he said.

He said hackers are very hard to trace down because it’s almost always overseas.

“We have not gone through (a breach) but there is always a risk,” he said. “But we continue to put a lot of effort into it but universities are a big target because they have to be fairly open in the way we communicate and the faculty and peers and other university systems are fairly wide open.”

Toeniskoetter said you cannot trust anything that comes across email, phone or Facebook.

“You just can’t trust it,” he said. “They are at a level now where if they can get into your account and look at your emails they can use artificial intelligence to try and craft their email that almost looks like you wrote it, and that’s how sophisticated it’s getting.”

He said if students are unsure about an email, call the IT department and speak with someone who will look up the issue.