On Wednesday, Feb. 3, all of the Brandeis network went silent. The login portal, LATTE, sage and all other resources based out of the Brandeis server disappeared. Bandwidth usage dropped from 970 to zero at around 7:15 p.m., and all students were thrown off the grid, save the few who resorted to wireless data and still could not access the Brandeis network. Normal service was not restored until around 9 p.m. Although rare, these events happen, and there needs to be a backup solution to make sure students are not in the dark for hours.
The outage had come out of the blue as one of those “eduroam is crashing” moments that just would not end. I found several students with research papers they could not write, LATTE assignments they could not do and sage accounts they could not check. A close friend of mine who had been dependent on the WiFi after receiving a faulty SIM card for his cell phone went dead and off the grid. Those two hours were among the most worrying, especially as several students I encountered concluded that the network outage was a result of a DDOS attack.
According to LTS’ status page, the outage was related to network hardware, which they have yet to specify in depth. The site says that the problem has been resolved, but it will take time for LTS to figure out what specific part of the system went wrong. When it does, LTS needs to make sure that this type of outage can never happen again.
I am unfamiliar with Brandeis’ network servers and I am therefore unqualified to make any assertion about how they function. It is then with much tenacity that I ask why a single hardware issue would be able to knock out the entire Brandeis network without there being any backup. The count of resources under the umbrella of brandeis.edu is vast and should not be vulnerable to a hit like this. Thankfully, this was only a hardware issue, but this outage shows that such an issue was able to take down the network for two hours; what would happen in the case of a cyberattack?
This has not been a good academic year for security by any means. There have been thefts from the Shapiro Campus Center (SCC) to the Office of the Registrar, where two university computers had been stolen over the weekend of Oct. 24, 2015, according to an email from Senior Vice President for Finance and Treasurer Marianne Cwalina. According to that email, sensitive student information, possibly including social security numbers, was contained in one of the stolen computers. Should a cyber attack occur, the university may run into a similar dilemma.
In an article published by Jacob Edelman in The Brandeis Hoot on Oct. 30, 2015, University Librarian, Chief Information Officer and Vice Provost for Library and Technology Service John Unsworth explained how the university withstands “hundreds of thousands of cyberattacks on Brandeis’ network per month.” This is a testament to LTS’ commitment to cybersecurity, but in an ever-advancing world, not all cyber-attacks can be stopped.
The university needs to make sure that these types of network failures do not happen again, both for the sake of security and that of students’ well-being. To have hardware failure knock out the entirety of Brandeis’ networks for an extended length of time hurts the many students who need to access eduroam, LATTE coursework or submission channels and any other resources offered through the login portal. If something worse happens to the network, we may not be as lucky when it comes to restoration time.
Brandeis should continue to build upon its commitment to cybersecurity as outlined by Unsworth, but it should also look into ways to keep some important portions of the network still running in the case of an outage. Roughly two hours without network access on Feb. 3 threw many into a panic just as the academic semester kicks into full gear.
A prolonged outage is something the university and students cannot afford, in particular if such an outage is more than just a hardware issue. If the network has any vulnerabilities, they can be exploited by individuals with malicious intent, resulting in losses much greater than the outages themselves. The recent outage showed that the network is not perfect and that it needs to be improved. In the name of cybersecurity and academic well-being, the protection of the Brandeis network should be a top priority for the university.
