Universities must brace for a step change in cybersecurity threats as criminals and manipulators exploit runaway connectivity to feed their greed for data, according to a former adviser to Barack Obama.
Cybersecurity expert Jeff Bleich said artificial intelligence was fuelling a new wave of speculative data theft. And the challenge that “keeps me awake at night” is 5G mobile network technology, said the former US ambassador to Australia.
Professor Bleich said universities could not afford to steer clear of 5G until its security risks were resolved, because the technology’s potential to underpin extraordinary improvements to research and teaching made it “irresistible”.
“The speeds are breathtakingly fast, and it connects with every device you can imagine. Rather than suggesting that people need to somehow stop or avoid it, we need to mobilise as a society to figure out how to make it work for humanity, as opposed to overwhelming humanity,” said Professor Bleich, who also served as special counsel to Mr Obama in the White House.
Professor Bleich now lectures on security issues at Adelaide’s Flinders University and has given his name to the university’s new multidisciplinary research centre on digital technology.
Its establishment coincides with rising concern about the data security of universities themselves. In early June, the Australian National University revealed that hackers had netted almost two decades of staff, student and visitor records.
A fortnight later, the Australian Catholic University said a “phishing attack” had accessed staff emails and bank account details. Both incidents emerged after a report from the New South Wales auditor-general warned universities to strengthen cybersecurity controls to “protect sensitive data and prevent financial and reputational losses”.
Professor Bleich said universities were entering a period of “rapidly adapting security”, with information now being harvested by people who had no immediate idea about how to use it. He cited the 2015 hack of the US Office of Personnel Management, when the records of some 4 million people were stolen.
It was not clear whether the culprits planned to sell the data, use the information for blackmail or distract government officials by “creating mischief with their bank accounts”, he said. Another possibility was that the records were simply being used “to create a larger dataset for the future” on the assumption that they would be “highly valuable in some context”.
The race to adopt 5G means that data will now be collected “in ways we have no ability to track”, he warned, with hackers “using technologies that we have not yet figured out how to stop”.
Professor Bleich said universities should be wary in their dealings with Huawei, the Chinese company considered the global 5G leader. “I think having Huawei in the backbone of a 5G system is a grave threat, and the countries that have taken a close look at it have reached the same conclusion,” he said.
He predicted a role for blockchain, the digital ledger technology, in protecting universities’ data. While people tended to equate blockchain with the virtual currency bitcoin, it was an “invaluable tool” for tracing activities with complete accuracy.
“It’s in the background of a number of different systems, and it’s continued to evolve and improve for each of them. Blockchain may be part of the solution, but there’s going to be a suite of solutions – not one magic bullet that suddenly makes everyone’s information secure. As soon as you develop a magic bullet, someone’s going to come up with a magic shield.”