Rutgers hires cyber security firm in wake of hacking attacks at other universities
NEW BRUNSWICK — With an increasing number of colleges and universities becoming targets of hackers, Rutgers University yesterday said it is retaining a cyber security firm to evaluate the school’s vulnerability to network attacks.
Bruce Fehn, senior vice president for finance and administration, said the university expects to spend approximately $300,000 to conduct an outside examination of its computer systems and various firewalls, as well as the security of its data.
“Every institution is at risk of attack,” said Fehn, citing a number of attempts to penetrate the university by hackers, although he said no data was ever compromised or lost. “We want to evaluate our vulnerability to these type of penetrations.
In just the past year, there have been a number of high-profile cyber attacks on major U.S. campuses, with universities holding not only vast amounts of information about faculty, employees and students, but research data that could be the grist for industrial espionage.
Last Februrary, for example, the University of Maryland-College Park revealed that Social Security numbers and birth dates for nearly 300,000 students, alumni, faculty and staff were exposed in a breach.
Days later, Indiana University said the personal data, including Social Security numbers, of 146,000 students and alumni had been compromised.
And in March, the names, email addresses and phone numbers of as many as 1,300 current and former Johns Hopkins University biomedical engineering students were posted online, stolen by someone claiming to be part of the hacker group known as Anonymous. Campus officials said the breached server that contained the data did not have Social Security or credit card numbers.
Rutgers has yet to finalize a contract with a security assessment consultant, who will look at the university’s existing security controls and how its sensitive data is stored and accessed.
Candace Straight, a member of the university’s board of governors, said the university has 27,000 employees and 63,000 students, and is trusted to protect their Social Security and other personal data.
“That kind of information is always at risk at any corporation,” she said, adding that the security analysis, “will help us identify whatever weaknesses we have.”