UITS officials are advising the UA community to be cautious when using the UA Public wireless connection.
The UA offers two options for wireless connection: UA Wi-Fi and UA Public.
Christian Schreiber, university information security officer of University Information Technology Services, said UA Wi-Fi is an encrypted wireless signal, meaning the data is unreadable without a key to translate it.
Michele Norin, chief information officer of UITS, said it is the most secure connection available and is recommended by UITS.
“As long as you use that secure portion with your ID and your password, we’re pretty confident of its security,” Norin said.
UA Public is an unencrypted signal provided to the general community. It is not secure because no key is required to see the data. If it must be used, according to Schreiber, UITS advises users not to enter personal information or passwords because they are easily discovered by criminals lurking online.
Schreiber said unencrypted connections make it easy for hackers to intercept sent information.
“It’s like sending postcards through the mail,” Schreiber said. “There’s really no way to guarantee that it does stay private when you’re using unencrypted wireless sessions like that.”
Hackers will “sniff” out information sent through the wireless connections, analyze it and use it to get usernames and passwords, Schreiber said. Because people generally use the same passwords for everything, it gives hackers easier access to their other accounts.
User credentials can also be used to send out spam or emails phishing for information.
“There’s a community of people who want to do bad things,” said Derek Masseth, senior director of infrastructure services at UITS, “and they share that information once they’ve gathered it.”
Masseth said four major categories of hackers exist. There are hackers looking to mine data so they can steal identities. Anonymous hackers are looking for resources with the intention of taking control of a mass amount of computers to attack a certain target.
There are also hackers just doing it out of revenge, Masseth said, adding that the most frightening of all is the nation-state example — state sponsored electronic terrorism and intelligence hacking.
“Everybody as an individual user on a network should be diligent about their practices on the Internet because of the myriad of different attack vectors hackers use,” Masseth said. “The best safeguards any of us can put into place is our own personal due diligence. If people are asking for things like that, and you don’t look them in the eye on a regular basis, be suspicious. Be very suspicious.”
Students can report suspicious emails to security.arizona.edu. While not all requests for personal information or passwords are bad, Masseth said people should be careful with such requests.
“No legitimate IT support person or desk will ever ask for your password,” Masseth said. “If someone asks you for a password for a bank account, for any personal information over email, be immediately suspect.”
Free antivirus software is provided to students online at softwarelicense.arizona.edu. If students need computer support, they can go to the 24/7 IT Support Center in the Martin Luther King Jr. building. These services are provided free through the student IT fee.
“From a security standpoint, it’s not really traditional hackers that are sitting in Russia or China that you need to worry about,” Schreiber said. “It’s the people that are sitting right there next to you.”
– Follow Meggie Kessler @Meggie1024