Tackling Malicious Code in a University Environment: A Case Study

This paper is a case study of malicious code incidents in a large public university as seen through the eyes of the security liaison over a one-and-a-half year period. It documents Internet research of these incidents and provides some helpful resources available on the Internet for other university Information Systems Security Officers (ISSOs). This university acts as an Internet Service Provider (ISP) to the students, granting them access to the Internet in a variety of ways with multiple operating systems and platforms supported on multiple subnetworks. Although difficult to configure or control, this variety can have an advantage - diverse operating systems and e-mail applications can sometimes limit the amount of damage a specific instance of malicious code can cause given its dependencies on the operating system and/or applications it uses to spread. As long as there are users, there will be malicious code; so, as long as there are universities, there will be malicious code incidents.