14 DAY TRIAL // After the recent distributed denial-of-service (DDOS) attacks, hacks, and the gunman hoax, the Massachusetts Institute of Technology (MIT) is determined to improve campus security, including the organization’s cyber security.
In a security memo published a couple of days ago, MIT reveals that it will implement a series of changes to its networks to ensure they’re better protected.
One of the most important changes refers to strengthening network traffic policies by blocking all traffic that originates from outside of MIT. Publicly available services will not be impacted.
“By default, incoming traffic originating from outside MIT's network destined for clients on IS&T-operated networks will be blocked,” the memo reads.
“Today, systems on the MIT network are subjected to thousands of unauthorized connections per day from nearly every country around the globe and, as a result, MIT sees more than ten compromised user accounts each day. Blocking incoming traffic reduces the potential for damage to MIT systems from malicious activity on our network.”
In addition, users of MIT administrative applications such as SAP, MITSIS and Data Warehouse will only be able to access them from an MIT IP address or via the organization’s VPN service.
Furthermore, password quality and expiration policies will be improved. This means that weak passwords will be changed and all new passwords will be tested for a minimum level of complexity.
To protect mit.edu and web.mit.edu against “electronic vandalism,” MIT will use Akamai’s content distribution network.
Another important improvement is the restriction of recursive access to MIT’s DNS servers. So far, the institute’s DNS servers have been operated as open resolvers.
However, experts have often warned that open resolvers can be abused by cybercriminals to launch DDOS attacks, which is why MIT has decided not to utilize this configuration anymore.
These changes will be implemented in the upcoming weeks.