With the understanding that technology is a double-edged sword, Taiwan's National Dong Hwa University is beefing up its cybersecurity as it adopts digital tools to become a smart campus. CIO Asia spoke to Professor Chao Han-Chieh (pictured above), President, National Dong Hwa University, to find out more.
CIO Asia: Can you share with me more about your smart campus initiative?
Prof Chao Han-Chieh: The integration of smart technologies plays an essential role in our ambition to become a smart campus. We seek to empower educators and students with digital tools that will enhance their teaching and learning experiences, and enable operation efficiencies within the campus.
Some examples of smart services that we provide include online platforms for teaching, learning, and research activities. On the administrative side, we have administrative systems that store data and information, from students' personal particulars to the school's finance and human resource records. We offer network access to email systems and academic research-related applications. At the same time, we also use these resources to initiate smart meter to cut down our electricity bill, facial recognition to ensure the campus safety and much more.
What technologies are you deploying back-end and front-end to improve the experience of your staff and students?
Our Institution Resources (IR) office provides all kinds of big data collection and analysis. Therefore, we can apply the intelligence from the data we have gathered. For example, staff can easily figure out which student may not be able to catch up with lessons based on his or her record of absence from classes or the number of visits to the library.
How does your smart campus initiative open your university to vulnerabilities?
The adoption of digital tools is common in Institutes of Higher Learning today. From mobile applications that support remote-learning, to cloud technologies that store expensive academic research, institutes are leveraging technology to provide teachers, students and academics, with a healthy environment for the exchange of knowledge.
However, the integration of smart technologies in campuses undeniably makes the institute vulnerable to cyberattacks. This is especially so in a campus environment, where a large number of unrestrained devices can access its network at any point in time.
In the case of Distributed Denial of Service (DDoS) attacks, these have become more sophisticated. In the past, we typically saw single-vector attacks but today they have evolved into multi-vector DDoS attacks. What makes these multi-vector DDoS attacks extremely malicious is their ability to hit an organisation simultaneously on multiple levels to identify and attack via the weakest link in the network. Sometimes, the weakest link is the application layer, which is the user-facing layer and is the hardest to protect.
Conventional DDoS protection solutions typically focus on volumetric/bandwidth attacks that target the network layer. Application-layer DDoS attacks are more difficult to detect and even more difficult to defend against. Instead of relying on sheer volume to overwhelm network bandwidth, an application-layer attack targets specific application vulnerabilities. Such attacks are stealthier, and can go unnoticed until a website or back-end system is down. Examples of these attacks include those that take down school networks via bot nets in Internet of Things devices such as the vending machines and printers within the campus.
As an institution of higher learning which promotes collaboration and sharing, we cannot ring fence and close off our network completely. Therefore, it is imperative that we look at how cyberattacks have advanced and adopt strategies that can prevent them.
Sign up for Computerworld eNewsletters.