Security Expert On Guard For NJIT Networks, Prepares Users For Digital Wilds
Five monitors adorn George Eliopoulos' desk — he tried six and said it was too many — where the security analyst is responsible for protecting NJIT computer systems from malicious hackers.
Eliopoulos earned a master of science degree in computer security here and started his current role in the Information Services & Technology office in 2015. His job includes responding to high-priority incidents, evaluating daily security logs, keeping all university end users aware of best practices, and staying knowledgeable about the latest technology.
October is National Cybersecurity Awareness Month, started by the U.S. Department of Homeland Security and private industry in 2004. To do his part, Eliopoulos meets with NJIT students and distributes cybersecurity information in the campus center throughout the month.
Higher education is the third-most popular target for computer criminals, and the biggest security problem universities face is those who trick legitimate users into giving away information by email, he explained. That could happen by a sender posing as somebody else, or by making you think a link or attachment is real when it's actually spyware. Hollywood-style attacks using sophisticated cracking tools are rare.
"We have a good hold on security. The one problem is that everything in security costs money. Being in higher education, we always need to be financially responsible and try to get the most bang we can for our buck," Eliopoulos said. There are about 13,000 NJIT email accounts for students, faculty, and staff, plus tens of thousands more for alumni, he said.
Informed users are the most powerful defense, so the university in autumn 2019 purchased a security training application from Tampa Bay, Fla.-based KnowBe4, which NJIT faculty and staff learned about by email — that message was real and shouldn't be ignored. KnowBe4 stands apart from other security companies because it's endorsed by famed hacker Kevin Mitnick, who served several years in federal prison on controversial charges in the 1990s and is now a sought-after speaker and security consultant.
A common trick that Eliopoulos sees is when a scammer sends faculty or staff an urgent message under the guise of an important person's name, such as president Joel Bloom or provost Fadi Deek, instructing the recipient to send them items such as iTunes gift cards. In that example the crooks are betting that employees wouldn't question instructions from executives. Eliopoulos said one person recently fell for such a message purportedly from a department head.
Yet another example is students receiving unsolicited emails about job offers that promise good pay for little work. The student enthusiastically agrees and the scammer mails them a fake check to purchase a computer for the job. The scammer then emails to say they sent too much money and tells the student to return some by wire transfer. The wire transfer goes through, but the fake check bounces, effectively stealing money from the student. There is no job.
A third example is money laundering, where a hacker sends you funds that really do exist, and then convinces you to send some of it to another person. This makes you a visible accomplice to a felony, but the source of the money is nowhere to be found.
Eliopoulos monitors intrusion attempts by using software from computer networking stalwart Cisco Systems. He gets daily logs and keeps his eyes open for overseas connections to the NJIT virtual private network. He wants to start doing network flow analysis, which would provide real-time insight into attacks. There is also technology on the horizon using artificial intelligence for responding to or even anticipating attacks, he noted.
Hackers tend to run automatic scanning software which looks for network vulnerabilities. "We're talking thousands of scans against our network every day, also there's probably a thousand or so phishing emails that come in every day," he added.
He also routinely looks for vulnerabilities that need bolstering. "I do a penetration test at least in some aspects quarterly, and yearly we have an external company come in," Eliopoulos said. "Now that we're an R1 school our visibility is higher. We've become more of a target."
Criminals are criminals, and every engineer knows the word hacker just means someone who enjoys the challenge of exploring and building, as in a hackathon. But for the bad guys it's lucrative work, which is why the Ying Wu College of Computing has experts such as Prof. Kurt Rohloff, who heads a cybersecurity research center here.
"There are very smart people working hard to make money because it's big business. There's guys out there who write great code for the wrong people," Eliopoulos observed. For regular users, "Really it's not that hard to check these things. People have just got to get in the habit. If it sounds out of the ordinary, out of character, probably something's wrong with it."
Update: Shortly after publishing this story, many NJIT users received an email from an application called Wildfire. The email asked people to register to receive campus updates. That email is spam — "NJIT has no affiliation with this company and has contacted them to stop the unsolicited marketing to the NJIT community," an email from the IST department stated. "Official NJIT notifications regarding campus safety will come from NJIT via the Campus Wide Notification Service (CWNS)."