Trinity is set to spend €300,000 on an upgrade of its IT system, The University Times has learned, in a project the College hopes will prevent a recurrence of cyber attacks that saw it lose close €1 million in April.
After Trinity Foundation was targeted by cyber scammers last year, Trinity is pushing ahead with a €300,000 IT project that will include additional security controls and an upgrade to the College’s IT services.
So far the “Unified Communications” project has been separated into two parts. Last year, part one saw increased protection to telephone systems as a result of the ongoing building work across campus. Part two, which will be implemented this year, is a follow-on project that will include several productivity improvements. Speaking to The University Times, Director of IT Services Patrick Magee explained that “it’s quite a big project and it will run for a period of time”.
Interest in Trinity’s cyber security peaked last April when a cyber attack on the accounts of the Trinity Foundation saw an estimated €1 million stolen. The attack was first detected by police in the UK who noticed suspicious activity in the accounts and alerted bank officials. After The University Times submitted a freedom of information request, College refused to reveal how much money has been recovered from the attack to date, citing the fact that the investigation is still ongoing.
College doesn’t have a specific budget for cyber security, but a significant chunk of the €300,000 will be used to redevelop an IT system that has faced criticism in the past. While the €300,000 is a once-off spend to upgrade services, annual spends on cyber security include €18,841 on anti-virus software and €1,000 on encryption software. The College also spent an additional €11,358 during the 2016/17 academic year on a phishing-awareness programme.
In 2017, Trinity will also spend €160,589 on replacement firewall appliances, with a further €9,800 set aside for maintenance. Magee said that this spend was due to the limited lifetime of the technology. Typically, devices of this kind would last for “around five years”. When they meet their end, support and maintenance can no longer be obtained and security updates fall behind, leaving them “vulnerable”.
When questioned on the biggest threat to Trinity’s cyber security, Magee said that “there isn’t really a simple answer to that because it’s so multifaceted these days”. One of the biggest concerns facing Magee, however, is the emergence of zero-day threats. This is a security breach which arises and affects certain systems for which there isn’t a security patch available and it quickly spreads.
Magee explained that one of the top priorities for IT Services in the future will be educating the Trinity community on the importance of cyber security. Talking about the staff and students, Magee called them “the first line of defence and the last line of defence”. It is important that these “trusted members of our university network” are being mindful of what they receive and know how to report anything suspicious. “We just have to be almost paranoid but certainly mindful”, he added.
As Trinity upgrades to more modern services, such as the Cloud, more protections are becoming available to IT services. Trinity already has anti-virus and anti-malware software on every machine, which scans emails as they enter and leave the college for spam or viruses. Currently, Magee said, the software catches “99 per cent of what is out there”. Advanced threat protection is another layer that monitors traffic and protects services when it notices unusual behaviours “rather than just scattering them when they hit or are downloaded to a PC”.
Included in the project is also the cost of deploying protections that already exist in the software licences obtained by College but have yet to be fully deployed. Increasingly, organisations are becoming wary of using passwords to protect against cyber attacks. Magee said that combining passwords with other pieces of information offers an “extra layer of security” and is something the College will be developing over the coming months. A small number of groups are currently testing it out on a pilot basis.
There are several costs involved in deploying extra layers of security. People need to be trained in how to implement the new system, and processes have to be put in place should people require assistance accessing their accounts. Magee explained that it was important that the system enjoyed a certain level of automation so that people who needed to, could access Trinity’s systems at all times and from any location: “Let’s imagine that you are travelling for research purposes and you’re in another part of the world in another timezone and you’re unable to get onto our systems because of one of the multifactor authentications. We don’t want you having to wait until IT help services desk opens at nine in the morning because you’re in the wrong time zone.” IT Services are currently looking at how personal systems can be reset or unlocked should there be a need outside of office hours.
Magee warns that the project has “lots and lots of components” with IT services “evaluating” all the necessary elements.