Web Attack, Access, and Isolation

by Doug Ramsey, 15/11/2013

Doug Ramsey

On October 14, 2013, the Thanksgiving Holiday in Canada, someone made an unauthorized access into one of the 40 computer servers at Brandon University. We call these people hackers. Some do it just to prove they can. Others do it for more vindictive reasons. Regardless of the reason, it is an invasion of property – little different than a thief breaking into someone’s home.

The only private data accessed was student application data from between 2004 and 2009.  These files had been used a number of years ago by University staff to develop a new registration tool. The data contained the name of the applicant, their address at the time, their date of birth, and in some instances their Social Insurance Number. Many at Brandon University felt violated. I am sure applicants whose data was accessed would feel violated.

This event meant that most Web sites operated through BU servers were pulled off-line. A third party computer services and forensics firm was hired to investigate. Working with BU’s, IT Services staff, literally around the clock, it took one full month before all sites were back up and running again.

 This leads me to the point of vulnerability.

Over the past decade I have been working to build a new academic journal: The Journal of Rural and Community Development (JRCD). For almost two years, I went through a consultation process with people around the world, including ICRPS faculty. This consultation resulted in the creation of an open-access, on-line, double-blind, peer-reviewed journal. The JRCD was launched in October 2005. The Rural Development Institute at BU is the publisher.

Interestingly, this was just as I began my first academic sabbatical which was spent in Italy and Germany. I began as journal editor at a distance. This proved the point of choosing the platform we did. Anyone could access the JRCD anywhere in the world as long as they had access to the Internet and could download PDF documents. And access is FREE.

Over the course of the eight years that the JRCD has been on-line, we have published 19 issues with 153 peer-reviewed articles and 164 papers in total. We have 1,715 registered authors. Twenty-five articles have been accessed more than 10,000 times – and one of these, almost 27,000 times. A further sixty articles have been accessed between 5,000 and 10,000 times. The remaining 80 articles have been accessed between 800 and 5,000 times.

 The JRCD is my proudest professional achievement. It has been so successful that I received a three-year journal publication grant ($60,900) in 2012. This has allowed me to improve the efficiency of the review and publication process. Now, not all has been perfect. The site has periodically gone down. Finding appropriate reviews is the most challenging aspect. Not all people have access to the Internet. For the most part, though, it has achieved its goal.

And then it hit. On one of the few holidays in the year we can spend time with friends and family and be thankful for all that we have, someone (or more than one person) decided to illegally access the university system. They stole data and completely turned the university upside down. It garnered negative local press at a time when our university struggles to have the local community understand our value.

It also meant that most of the university’s Web sites had to be taken off-line. It also meant that other sites that they host were also taken off-line. The JRCD was one. I have spent the last month agonizing about this, including with correspondence to frustrated authors and reviewers.

It also affected the ICRPS Web site, including this blog. Interestingly, this is not the first time ICRPS has had Web site difficulty. A number of years ago, someone outside of BU failed to renew the www.icrps.com Web address. Someone, somewhere in the world realized this, took ownership of it, and tried to sell it back to ICRPS!!  This is when RDI at BU stepped in. The www.icrps.org address was purchased and RDI took over creating a new site and maintaining it.

 And now this!!

Most of us are connected to a university or workplace that is not entirely isolated – at least spatially. Now imagine rural residents who are isolated spatially and technologically. Or imagine rural residents who accepted spatial isolation knowing that they could connect to the outside world through the Internet. It has often made me wonder if we are too reliant on technology. This threat makes me realize these fears once again.

 I am not sure what a month absence to a relatively new blog means. However, I hope that having lost it temporarily that users will appreciate it more and perhaps discuss and debate vulnerabilities in rural and remote regions.

Thanks for your patience. Remember to back up your files,

Doug

Doug Ramsey is an Associate Professor at Brandon University in Manitoba, Canada. He participated in the 2004 (Ontario), 2005 (Belgium), 2009 (Scotland), and 2011 (Norway) ICRPS institutes, hosted the 2006 Institute in Manitoba, and assisted in planning the 2007 (Spain) Institute. He is a rural geographer interested in agricultural restructuring and rural tourism. Email Doug at  ramsey@brandonu.ca

Leave a Reply

Your email address will not be published. Required fields are marked *