External costs
Students and university staff are not the only ones affected by the campus
security violations. Such violations have far reaching consequences in
other communities as well.
One such study suggests that the W32.Blaster worm may have contributed to
the cascading effect of the black out on Aug. 14, 2003 .On the day of the
blackout, Blaster degraded the performance of several communications lines
linking key data centers used by utility companies to manage the power
grid. The inability of critical control data to be exchanged quickly
across the grid could have hampered the operators' ability to prevent the
cascading effect of the blackout. The Blaster worm also hampered the
ability of utilities in the New York region to restore power in a more
timely manner because some of those companies were running Windows-based
control systems with Port 135 open - the port through which the worm
attacked systems. Because of the global nature of the Internet, the
computers at such utility companies could have been infected by worms and
viruses from any infected host connnected to the network. A campus-wide
virus epidemic adds a sizeable number of infected hosts into the global
figure of infected machines. This increases the overall probability of the
computers at the utility companies getting infected at any one time.
Break-ins to computer systems on campus often result in the stealing of
personal data located on the victim's harddrive. This information includes
one's list of email addresses, software product keys and even credit card
numbers. An attacker tries to obtain email addresses from the computers
they break into for the purpose of spamming, increasing the amount of
redundant global email traffic. Product keys can be sold or used for
operating illegally copied software. This worsens the growing software
piracy market and affects the revenue of software manufacturers. Finally,
credit card numbers are used in credit card scams often by organized crime
syndicates.
Lastly, attackers routinely try to break into campus computers because of
the high bandwidth campus network such computers have access to. Access to
a high bandwidth network is highly desirable to an attacker who intends to
carry out some form of DOS(Denial of Service) attack on some major site on
the network(like Yahoo! for instance). DOS involves hijacking vunerable
machines on the network and using such machines to send massive amounts of
redundant network packets to a victim machine. This normally results in a
system overload on the victim side, making it shutdown or have really poor
performance.
|