WSU must invest more into its cybersecurity

With phishing and other dangers online, WSU needs to beef up security



Don’t click on that suspicious link, be aware of phishing calls, and be ever vigilant on the multitude cyber threats that will come up daily. Be prepared.

Computer security is like a leaning tower of thrift store champagne glasses, each filled to the brim with unleaded gasoline, stacked directly on top of the San Andreas fault line and a lit match. No matter how careful you are, and no matter how carefully you stack the glasses, inevitably the tower will fall, showering flaming fuel over everyone in a 20-foot radius. This analogy translates directly, as any singed tech support guy can tell you.

If normal computer security for a single server is like a Champagne Supernova (sorry Oasis), imagine facilitating computer security for an entire campus of students. At any given hour of the day, some business major will absolutely be pirating “Blade Runner” from a Ukrainian male potency website. Simultaneously, a music major using a library computer will, without a doubt, be glued to an illicit Kazakhstani club music streaming site, unaware of the steady flow of viruses pouring into the mid-2000s desktop’s deteriorating disc drive. Instead of champagne glasses full of gas tipping, imagine the full force of the hospital explosion scene from “The Dark Knight,” and you’ll have a pretty good idea of what the network security experts at WSU have to deal with every day.

With facts like these, it’s no wonder that WSU faces its fair share of hacking and phishing attempts. The most recent phone phishing attempt is just one in a long series of endeavors to take advantage of a student population that may not be up-to-date on the intricacies of cybersecurity.

“I’ve definitely seen quite a few phishing emails coming through, especially in the last few months,” said junior Jayce Gaddis, a dual major in computer engineering and electrical engineering.

Gaddis said the phishing attempts tend to look like a fabricated job opportunity, claiming students can make hundreds of dollars a week by sitting at home.

To its credit, WSU has stepped up their game when it comes to user security, specifically with their December introduction of multi-factor authentication (MFA) for students logging into myWSU. However, when taking into account the incredible predisposition of universities to cyber attacks, we need to take a more proactive approach to defending vulnerabilities in the WSU network.

“It’s a bigger concern in universities,” said Adam Hahn, a WSU professor of computer science, with a focus in cybersecurity. “We have a lot of students, and we don’t have as much control over how they use their systems and their accounts. From a university perspective, that makes [computer security] that much harder to handle.”

The increased student population, many of whom have no real understanding of network and computer security, makes for a virtual tidal wave of content hitting the WSU firewalls. Inevitably, something’s going to slip through. 

“I think any big organization would be vulnerable to phishing,” Gaddis said. “When you have more people, you have more chance of [network security] failure.”

But all is not lost for our internet addicted future leaders. Illicit pirated copies of “Terraria” are still yours for the taking. However, college network security requires a two-pronged approach: one from the side of the administration, and one from the side of the students.

Firstly, the administrative focus on network security needs to be cranked up to 11.

“I think [MFA] is a great idea,” Hahn said. “If you really want to protect your account, you have to use two factor, I don’t think there’s any way around that.”

MFA is great, but there are other ways to address commonly used scams, like phishing. For example, better spam filters for the university email accounts would weed out the fake job offers Gaddis described.

In terms of student responsibilities, we can do a lot to ensure our online safety. Hahn recommends that students use MFA on all online accounts, as well as keeping security systems updated, to minimize outdated device vulnerabilities.

And for the love of God, use some common sense online. Don’t click sketchy links. Don’t enter your personal info to a site you don’t completely trust. Above all, don’t get sucked into the rabbit hole that is online subtitled illegal rips of “Borat.” Believe me. I know.