Campus Queries: Bruins discuss past cyberattack on UCLA, future prevention and protection
A computer screen with numbers is pictured. Cyber attacks have increased in frequency recently (Catherine Hamilton/Daily Bruin senior staff)
Sept. 21, 2023 11:44 p.m.
Q: What are cyberattacks, and how can they be prevented?
A: Cyberattacks are illegal attempts to access a computer system and its data. However, updating and automating cybersecurity might allow institutions to avoid them.
With cyberattacks on the rise in the past couple years, many large institutions – such as banks and credit unions, healthcare organizations, and educational institutions – have faced data breaches.
In May, UCLA – along with thousands of other organizations – was targeted by a worldwide cyberattack. Though the university did not say what data was accessed or how many users had been compromised, the Federal Bureau of Investigation confirmed that the CL0P Ransomware Gang exploited a vulnerability in Progress Software’s application MOVEit Transfer, an application used by the university to transfer files across campus and to other institutions.
In an emailed statement, UCLA said that upon discovering a third party had illegally gained access to the MOVEit platform, the university activated the appropriate response procedures and used Progress Software’s security patch to mend the vulnerability.
“The university notified the FBI and worked with external cybersecurity experts to investigate the matter and determine what happened, what data was impacted and to whom the data belongs,” the university said in the statement. “This is not a ransomware incident. There is no evidence of any impact to any other campus systems.”
Two common attacks used by groups like CL0P Ransomware Gang are ransomware and denial-of-service attacks, said Lixia Zhang, a professor of computer science. During a ransomware attack, attackers block access to a computer system and demand payment in return, Zhang said, adding that a denial-of-service attack involves overwhelming a network with traffic and making it inaccessible for users.
Salma Alandary, co-president of the Association for Computing Machinery Cyber club, said she was shocked to hear UCLA had been a victim of a cyberattack. However, Alandary, who is also a fourth-year computer science student, said she approved of how quickly UCLA took action to patch the software, a crucial step after becoming aware of a cyberattack so attackers cannot further exploit the vulnerability.
She said the only part of the response she took issue with was the amount of time UCLA took to notify those affected and the broader community about the attack, which was disclosed at the end of June.
“Going forward, I just really hope that they (institutions) would disclose these things a little bit sooner, as well as try and provide more detailed steps as to what people can do to avoid their data being used maliciously,” Alandary said.
Zhang said a major reason why institutions like UCLA experience these types of attacks is that the software they use may be outdated. Many systems large institutions use were put in place years ago and no longer have the necessary security features built into them, she added.
However, she said that institutions should ensure that the data, if stolen, cannot be interpreted by cyberattackers.
“Data should really be protected when they are in storage, as opposed to data that stays in plain text,” Zhang said. “If the data stay encrypted, for example, then the bad guys could steal the data but they would not be able to decrypt the contents.”
In order to stay informed about cyber risks, Alandary said she encourages all students to keep up with the news. She added that California has a law that requires institutions to disclose data breaches, so anyone can search for California-based organizations they’re involved in and see if their data may have been compromised.
When it comes to preventing cyberattacks in the future, Zhang said improving the type of cybersecurity measures in place is critical – specifically in terms of automation. Right now, the firewalls that prevent cyberattackers from stealing data have been individually developed by humans, but a more effective approach could be automating computers to do this job, since computer-made firewalls may be harder for attackers to crack.
“What we need for the computer system is that innate immunity,” Zhang said. “With today’s network of systems, we haven’t built in that innate security yet.”