ITS teams stay prepared for cyberattacks

By | July 26, 2017
Team members of IIA, Network Operations, Network Security Operations, and Network Engineering, gather around a table to talk through potential attack scenarios

U-M networking and security experts gather to talk through potential network attack scenarios

A group of security and networking experts across ITS met recently to ensure U-M is prepared for potential distributed denial-of-service (DDoS) attacks. The group worked through three exercise scenarios and discussed the appropriate response to each.

Denial-of-service is a cyberattack in which the perpetrator floods the bandwidth or resources of a targeted system until it collapses under the load. As a result of deliberate network congestion, services are disrupted and genuine users are denied access, either temporarily or indefinitely.

As a top-ranking public institution, U-M is always a target for such attacks. An attack might be launched for any number of reasons: extortion, political motivation, and anti-competitive business practices are just a few.

Preparing is half the battle

At U-M, the purpose of meeting in advance of attacks—a so-called tabletop exercise—is to create a thorough incident response plan, such as how to analyze and mitigate attacks on U-M network infrastructure. Ultimately, the goal is to protect the online computing resources on which the campus community relies. Potential attack scenarios include:

  • U-M being attacked from an outside force—university machines are targeted by external system(s)
  • U-M being attacked internally—university machines are infected with malware to attack external networks or systems

The most recent tabletop exercise found that U-M generally can manage typical DDoS attacks effectively. However, each attack is different, and U-M, like any other large entity, must keep prepared.

Protection from Merit

Thankfully, U-M is not alone in the fight against cyberattacks. Merit Network, a nonprofit organization governed by U-M and other Michigan public universities, provides U-M access to the longest-running regional research and education network. As part of that network service, Merit monitors for, and provides protection against, DDoS attacks, most of which are mitigated before they reach university targets.

The teams involved in this year’s tabletop were Information Assurance (IA), and several groups under ITS Infrastructure—Network Operations, Network Security Operations, and Network Engineering. Plans for additional tabletops are already being planned.