***************************************************** Edupage is a service of EDUCAUSE, a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. *****************************************************
TOP STORIES FOR FRIDAY, AUGUST 11, 2006 UT to Hire Cybersecurity Czar University Researchers Find Hole in HSBC Editors Resign after Web Site Budget Slashed Report Points to Malware in Social Networks UT TO HIRE CYBERSECURITY CZAR Calling IT security a "monster," Charles Chaffin, chief audit executive and compliance officer for the University of Texas System, announced plans to hire a cybersecurity czar to manage IT security at the system's 15 campuses. Although each campus in the UT System has a chief information security officer, there has not previously been such a position covering all of the campuses. The person in the new position will have oversight of system-wide efforts to improve computer security, including reducing use of Social Security numbers as student identifiers. One of trickiest problems with eliminating Social Security numbers is that for years, faculty used them as identifiers for students in their classes, and many faculty still have old records on their computers that include the numbers. Chaffin noted that within the UT System, there are tens of thousands of PCs that possibly contain Social Security numbers. Austin American-Statesman, 10 August 2006 http://www.statesman.com/ UNIVERSITY RESEARCHERS FIND HOLE IN HSBC Researchers at the School of Computer Science at Cardiff University showed that with the help of keylogging software, they were able to access HSBC bank accounts in nine attempts. Although security experts agree that no system is completely secure, the announcement prompted some to call for tighter security at the financial institution. Michael Panhallurick of the Risk Advisory Group said, "Nine attempts suggests that HSBC's system is not robust enough." A spokesperson from HSBC said that the problem does not present "a viable route for fraudsters." Online thieves, he said, would be better off spending their efforts elsewhere rather than gaining access to individual accounts. Still, officials from HSBC said they would review their security procedures in light of the announcement. BBC, 10 August 2006 http://news.bbc.co.uk/2/hi/business/4778351.stm EDITORS RESIGN AFTER WEB SITE BUDGET SLASHED Two editors of a Web site associated with Columbia University resigned after Nicholas Lemann, the dean of the university's graduate school, cut the site's budget by almost half. The site, CJRDaily.org, was launched in 2004 to cover the election, but the popularity of its political analysis prompted the university to keep the site up. Although CJRDaily reportedly has nearly 500,000 page views per month, the site is free and currently includes no ads. Lemann said the site would begin to carry ads. After failing to raise enough funds to maintain the site's budget, he decided to redirect money to fund a campaign to increase subscriptions to the print magazine, "The Columbia Journalism Review." The expected increased revenues from the print journal, said Lemann, would be used to support CJRDaily. Steve Lovelady, the site's managing editor, and Bryan Keefer, the assistant managing editor, resigned in protest, reducing the staff to six. Lovelady said he disagrees with Lemann's idea to take money from the online venture and put it toward a print journal. New York Times, 11 August 2006 (registration req'd) http://www.nytimes.com/2006/08/11/business/media/11mag.html REPORT POINTS TO MALWARE IN SOCIAL NETWORKS A recent monthly report from Internet security firm ScanSafe calls attention to the rising incidence of malware on social networking sites. According to the report, as many as 1 in 600 profile pages contained sypware, adware, or other malicious software. Social networking sites have become extremely popular with children and college students, and Eldar Tuvey, chief executive and cofounder of ScanSafe, said his company's report points to another risk users face. "[B]eyond unsafe contact with harmful adults, these sites are an emerging and potentially ripe threat vector that can expose children to harmful software," he said. The report noted that some sites, including Facebook and LinkedIn, have fewer malware pages than sites without restrictions on who can join. ScanSafe noted that in addition to social networking traffic from teens, use of the sites has also grown to represent about 1 percent of Internet usage in the workplace, potentially exposing corporate networks and users as well. The Register, 10 August 2006 http://www.theregister.com/2006/08/10/social_sites_breed_malware/ ***************************************************** EDUPAGE INFORMATION To subscribe, unsubscribe, change your settings, or access the Edupage archive, visit http://www.educause.edu/Edupage/639 Or, you can subscribe or unsubscribe by sending e-mail to [EMAIL PROTECTED] To SUBSCRIBE, in the body of the message type: SUBSCRIBE Edupage YourFirstName YourLastName To UNSUBSCRIBE, in the body of the message type: SIGNOFF Edupage If you have subscription problems, send e-mail to [EMAIL PROTECTED] ***************************************************** OTHER EDUCAUSE RESOURCES The EDUCAUSE Resource Center is a repository for information concerning use and management of IT in higher education. To access resources including articles, books, conference sessions, contracts, effective practices, plans, policies, position descriptions, and blog content, go to http://www.educause.edu/resources ***************************************************** CONFERENCES For information on all EDUCAUSE learning and networking opportunities, see http://www.educause.edu/31 ***************************************************** COPYRIGHT Edupage copyright (c) 2006, EDUCAUSE
