August 25, 2011

Malicious Software Attacks Bring Vanderbilt Response

There has been a sharp increase in the number of attacks to the Vanderbilt network from websited containing malicious software (malware).

Such attacks, which are generated from a variety of sources and countries, are designed to capture confidential information, such as usernames, passwords, personal information and research findings. These attacks can harm data, systems and the Vanderbilt network. They are often launched from websites that are themselves safe but have some variety of malware attached to them. The direct and indirect costs from these attacks to Vanderbilt — and to individuals — are significant.

To protect its faculty, staff and resources, Vanderbilt University is using a number of tools, including a malware prevention service called OpenDNS. As of December 2010, OpenDNS was in use by almost 17,000 Vanderbilt users with impressive results. From January to June of 2011, the service protected computers against almost 2.6 million malware infections.

Should users inadvertently visit an infected website, the service generates a block screen informing them that malware has been detected and the site cannot be accessed at that time.

Sites are monitored in real time on a regular basis, so that they can be accessed again after malware issues have been resolved. If a user believes that a site has been blocked in error, he or she can contact ITS, which will investigate and take corrective action with OpenDNS when appropriate.

Additional software does not need to be installed on any devices. Users will be protected whenever they are logged onto the Vanderbilt network. The service will be implemented on Aug. 24. ITS has a FAQ guide available (http://its.vanderbilt.edu/Malware-Prevention/FAQ) for individuals who wish to learn more about using OpenDNS on their home devices.