Academic institutions need to take steps to protect themselves against distributed denial of service (DDoS) attacks, a new report finds. Right now, many online systems used by colleges and universities are vulnerable to hacker hijacking.

REN-ISAC, the Research and Education Networking Information Sharing and Analysis Center, has completed a report which finds that academic institutions must begin reviewing their Domain Name System (DNS) and network configurations or face hijacking by sophisticated hacking techniques.

Universities Unprepared for DDoS Attack

REN-ISAC is a membership of more than three hundred different colleges, universities, and research centers across North America, Australia, New Zealand, and Sweden.

According to Doug Pearson, REN-ISAC's technical director, the group hopes to make administrators at post-secondary institutions realize that the threat is very real. (Source: pcworld.com)

"The REN-ISAC wants to raise awareness and drive change concerning common network and domain name system (DNS) configurations that fall short of accepted best practice and which, if left unchecked, open the door for your institution to be exploited as an unwitting partner to crippling denial of service attacks against third parties," Pearson said.

Pearson says the most potent threats facing academic institutions are DNS amplification and DNS reflection attacks. These both involve sending DNS requests using a fake Internet Protocol (IP) address.

The end result is a spike in traffic capable of sending critical online systems offline.

"These attacks may exploit thousands of institutional DNS servers to create an avalanche of network traffic," Pearson noted.

"The higher education and research community needs to do its part to ensure that we are not helping to facilitate these attacks."

Academic Institutions Increasingly Dependent on the Web

With more and more universities moving towards distance education courses, this could present real problems for students who take their exams and submit their assignments in an online environment.

The REN-ISAC alert includes several suggestions for improving security defenses, including the adoption of anti-spoofing network filtering methods. (Source: net-security.org)