Office of the Vice President for Global Communications

Wednesday, October 17, 2012

Report of Iranian hackers taking over U-M computers called pure fiction

An online news report that U-M computers had been hijacked by Iranians in an attempt to hack into the U.S. banking system is just the latest proof of a 21st-century adage: You can't believe everything you read on the Internet.

"These assertions are simply not true," says Paul Howell, U-M's chief IT security officer, who almost laughed out loud when he read the report.

A story Monday in the online Washington Free Beacon that attributed its information to an unnamed Internet security expert, said Iranian hackers "took over a University of Michigan computer network during a massive cyber attack on U.S. financial systems last week …"

"Someone put one and one together and got three," Howell says.

What the security expert actually detected was the Internet security research of J. Alex Halderman, a U-M assistant professor of electrical engineering and computer science. He focuses on Internet security and part of his work includes a census of how secure the Internet is. That effort has been going on for the last six months and continues, Halderman says.

"What we are doing is taking a census of how many people are using secure Internet protocols," he explains. "We're trying to help secure the World Wide Web."

The so-called hacking attempts were actually benign connection attempts generated from one computer, not a network, in the College of Engineering. The program is designed to contact randomly selected servers and count the number of successful connections.

Each server receives up to about 10 connection attempts a day. Because many servers are contacted, the total number of connections may appear high, which Halderman speculates might have fooled the reporter. The information collected by the project will be used to measure the progress in the level of security of computers connected to the Internet.

Halderman's work, he says, actually does no harm and is "advancing us toward a more secure Internet."

He also notes that anyone concerned about contact from his computer can easily get an explanation of his research project by typing the address of the computer into an Internet browser. Up pops a notice that begins with this: "This machine is part of an Internet-wide network survey being conducted by computer scientists at the University of Michigan."

Halderman says his best guess on the connection to Iran is that it was a convenient explanation for a story based on an agenda instead of one based on facts. "If someone would have called us we would have been happy to explain this research."