On Feb. 9, University of Colorado (CU) President Mark Kennedy informed students via email of a cyberattack that occurred on CU servers.
A transfer server on the CU Boulder campus, provided by a third-party vendor Accelion, was breached.
Tom Conley, an information security officer who works with data and server security at the University of Colorado Colorado Springs (UCCS) Office of Information Technology (OIT), explained that transfer servers are a specific type of system where data is temporarily stored. For example, emails do not accept large files, so a link must be sent instead. The large file is temporarily stored on a transfer server, which can then be retrieved through the link by either the sender or the recipient.
Hackers were able to exploit vulnerability within Accelion’s servers in late January.
CU Boulder is one of Accelion’s 300 customers to have been affected by this security breach. Server files from CU Denver were also compromised, but CU Anschutz and UCCS do not appear to have been affected.
Conley further explained that UCCS does not use Accelion, nor any other third-party vendor, for their servers, meaning that the breach did not directly impact the UCCS community. UCCS instead uses LionShare, a server run and maintained by the OIT.
Though the UCCS servers were not attacked, Conley did warn about potential data still being exposed.
Conley postulated that the attacked server mostly held research, reports and data sets, so it is possible that information about individual UCCS students or professors involved with the research or data could have been compromised, depending on what was on the server at the time of the breach.
“You don’t know what they had access to, so we assume any of data on there is compromised. It is not always easy to figure out what type of data is on a server like that,” Conley said.
Although a security breach of this type could occur at UCCS, Conley is confident in the security of the servers, and believes that the layers of security within the servers were robust and well scanned for vulnerabilities.
Conley said, “Security is like an onion. Peel back a layer of an onion and it’s nothing but layers. Servers can’t depend on one layer for security.”
The OIT has been working to upgrade endpoint security, which Conley states as being a likelier threat to students than a server attack.
Endpoints are machines like computers, laptops and phones, and endpoint security relates to protecting hard drive information that could be stolen as a result of computer or laptop theft.
To better protect against threats, the OIT and Conley recommend layering security on devices by keeping the device up to date, password protecting the device, and having the device’s firewall up. As an additional layer of security, Conley recommends enabling whole disk encryption for student devices.
For more information about device security, reach out to OIT at UCCS directly.
For more information about the Accelion data breach, see this website.