FBI continues search for hacker involved in national cyber attack

Over a week after the cyber attack that caused computers to crash at universities and military installations across the country, the search to find the responsible party continues.

The Federal Bureau of Investigation and Microsoft Corporation have coordinated server dumps at the affected Universities in an effort to ascertain the exact type and origin of the attack, said Lee Varian, CIT Director of Systems and Networking.

The University has also been taking specific actions to prevent this sort of attack from happening again, both by blocking the IP address from where the attack originated and by encouraging students to acquire the available software "patches" from Microsoft's home page, Varian said.

CIT Senior Technical Staff Member Peter Olenick said despite encouragement from the University, individuals are still responsible for their own work stations.

"We don't have that much control over private workstations. All the University workstations and servers are already protected, though," Olenick said.

"The problem here is a hole in the (Windows NT) operating system. This attack was just exploiting a hole," he said.

'Specifically targeted'

Manager of the Department of Computing for Electric Engineering and Computer Sciences at the Massachusetts Institute of Technology David Rho said he thought the attacks were specifically targeted.

"It's tough to make this kind of attack on the Internet as a whole. They clearly tried to attack specific IP addresses," he said.

Head of Network Security at Northwestern University Roger Safian noted that, while the University of Chicago was affected by the attack, Northwestern University was not.

"If I had to guess, I'd say the attacks were directed at the different sights for a reason. (The hackers) must have had some beef with Princeton and the other places involved," Safian said.

According to Microsoft Corporation Group Products Manager Edmund Muth, a firewall that screens incoming data from the Internet can prevent this type of cyber attack.

However, Olenick and Varian agreed that a firewall would dramatically decrease the efficiency and public accessibility of the University network.

Get the best of ‘the Prince’ delivered straight to your inbox. Subscribe now »

"Firewalls are possible, but they put restrictions on Internet use. With a network as large as Princeton's, you would need a firewall that could sort all the data packets going to all the Internet access points," Olenick said, adding, "My major concern is performance."

Rho also said that firewalls are not the solution to preventing future attacks. "It's an educational environment, and you don't want to restrict the Internet too much," he said.