University research data a target for hackers
IT security experts are expressing concern about the threat posed to Danish universities by hacker groups, some of which may be sponsored by foreign governments, keen to steal valuable research results, Videnskab.dk reports.
Mads Sinkjær Kjærgaard, the deputy head of IT at Roskilde University (RUC), described constant attempts to hack the university’s system. “There’s always someone knocking at our firewall,” he said.
“We can see all the time that there is someone scanning our systems looking for weaknesses. There are many who try to enter, and I have no doubt that some have succeeded. But the super professionals and security services can’t be seen – it’s only the amateurs you see.”
Interest to foreign governments
He highlighted that science and engineering research data can be of particular interest to foreign governments. “I see it being mainly states that would go in and take that type of information,” he said.
“If there’s an intelligence service from China or a western European country, their main objective is to delete all of their traces – so we can’t say with certainty, but there’s certainly a risk.”
Chinese, Russians and Nigerians blocked
Ole Boulund Knudsen, the head of IT security at Aarhus University, told Videnskab.dk that state-sponsored attacks were possible, but not the biggest threat the institution faced. “We have research data that we need to closely guard,” he said.
“For example, there are people in forensic medicine who have access to data that we need to protect extra well. But research results are a funny thing. They are often top-secret until the day they are published, after which it’s about distributing them as widely as possible.”
RUC has taken the step of blocking IP addresses from China, Russia and Nigeria following hacking attempts from these countries. “It goes against openness on the internet, but we can see in RUC’s log analysis that there have been co-ordinated attacks from these places,” Kjærgaard said.
“It’s out job to protect RUC’s network, so we’ve chosen to block their access. Also, the likelihood that a RUC employee is in one of these places and needs access isn’t very high.”