Academics at the University of California Berkeley have protested after it emerged that management had put a secret data slurping device into the campus that was mapping and storing all network traffic.
“The intrusive device is capable of capturing and analyzing all network traffic to and from the Berkeley campus and has enough local storage to save over 30 days of all this data,” Ethan Ligon, a member of the Senate-Administration Joint Committee on Campus Information Technology, wrote in an e-mail to fellow faculty members, the SF Chronicle reports.
Benjamin Hermalin, chairman of the UC Berkeley Academic Senate, also expressed serious concerns about the monitoring, and about the storage of the data off-campus. As a third party company is running the device, rather than the university’s IT staff, there were also privacy issues to consider.
“What has upset a lot of the faculty was that the surveillance was put in place without consulting the faculty,” he said. “In fact, the people installing the system were under strict instructions not to reveal it was taking place.”
In response, the university sent El Reg a letter from David Kay, chair of the University Committee on Academic Computing and Communications, explaining that the monitoring system had been set up to protect the university’s research facilities from hackers.
He explained that the device was installed after an IT intrusion in June last year against UCLA Health. The attack may have captured the personal information and health records of 4.5 million people.
In response, the president of the University of California Janet Napolitano, who you may remember from her past jobs as the head of US Homeland Security and the governor of Arizona, instituted a plan to firm up the university’s online defenses.
“We have been informed that the monitoring of communications looked only for ‘malware signatures’ and Internet traffic patterns. As neither message content nor browsing activity were monitored, we believe this level of monitoring can be appropriate,” the letter [PDF] reads.
“We have been informed that monitoring of transmissions occurs only at campus edge, and does not capture internal campus traffic. Monitoring of traffic patterns for a pre-defined purpose can be appropriate given that results are maintained for a limited time and limited use.”
The monitoring system that was put in place is apparently designed to watch out for advanced persistent threat attacks, although that’s rather nebulous. Such cyber-assaults, as detailed last week by the NSA’s top hacker, are multi-phase affairs involving phishing emails, network mapping, and hardcore hacking.
Nevertheless, the academic row continues. Historically, UC Berkeley is one of the bastions of free speech and it’s clear many are unhappy at being snooped on. ®
Building secure multi-factor authentication