This spring, Megan Koenig attempted to log into her University of Florida account, only to find that a third party was trying to steal her identity.
Hackers had changed her password and began gathering her information.
The Poucher Legal Education Series hosted a lecture on Nov. 9 called “Cybersecurity and Our Digital Lives: A Policy Discussion." It touched on this issue of identity theft and other nationwide problems caused by hackers.
“With both traditional computing and the Internet of things, consumers give all of their data through various websites and databases,” said Katrina Blodgett, a staff attorney at the Federal Trade Commission and one of six panelists who participated in the cybersecurity discussion. “People don’t think about the patterns or vulnerability that hackers can find.”
While the tech team at UF was eventually able to help Koenig change her password and re-secure her account, there is no promise that a third party doesn't have her information. Even more disturbing, Koenig said that people could gain access to her bank account through the UF system, because the number is linked with her direct deposit.
“It worries me that there are people who can get around this system and manage to get all of our information from UF," Koenig said.
Ryan Benson, a second-year law student at UF, said he has also fallen victim to hackers and data issues because he did not educate himself about cybersecurity in the past.
He said he and other students provided credit card information for a summer program six years ago at UCF, which was later hacked and leaked by a third party.
“We all need to limit the data we give,” Benson said. “Giving the absolute minimum should always be the way to go.”
Aaron Brantly, one of the panelists and a professor with the United States Military Academy’s Department of Social Sciences and Army Cyber Institute, said we are all participating in this cyber game because our data is out in the open.
He made his point by asking the entire audience at the discussion who owned a cellphone. All but one person said they had one.
“We use things like phones and computers all the time, but we have no concept of using them,” Brantly said. “There is a very poor perception of risk. Education about this is crucial for us. ”
There is a need for better data and information management, said Andrea Castillo, program manager of the Technology Policy Program for the Mercatus Center at George Mason University.
She said both private and public entities underrate privacy risks.
“We take what we do for granted,” Castillo said. “We don’t ask what data we give to third parties and we know nothing about where it goes. Something as small as a Fitbit can be used to track your behavioral patterns so someone can plan to rob you.”
As a university, Brantly said, it is vital to foster an environment that elevates the collective level of security to provide a safe and productive educational experience both inside and outside of the academic environment.
“UF, as a top research institution with a vast capability to generate intellectual property must also be conscious of the need to safeguard this information or risk losing its competitive advantage,” Brantly said. “Students, faculty and staff at the university constitute a target rich environment.”
UF's Chief Information Security Officer works to ensure all information is kept secure, said Mark Tehranipoor, a professor in cybersecurity in the UF Department of Electrical and Computer Engineering. In addition, there is the Florida Institute for Cybersecurity (FICS) at UF, which focuses on the educator and research innovation that Brantly emphasized.
Through these efforts, students like Koenig and Benson may be safe from future attacks.