Black Hole Router Provides New Protection

Is your data safe?

The University of Illinois, home to one of the largest research networks, constantly faces cyberattacks from around the world. In just the last week of February 2015, Technology Services security logs show that over 900,000 pieces of malicious traffic tried to infiltrate the network.

These attacks—called brute force authentication attacks—are unsophisticated pieces of code that scan the Internet for weaknesses and try to guess usernames and passwords. Once in the network, these scripts can steal and corrupt data immediately or set up back doors that let them drop in and out of the network whenever they wish.

But thanks to the Black Hole Router, the Illinois network just got a lot safer.

A new security measure from the National Center for Supercomputing Applications (NCSA), Technology Services Networking, and Tech Services Privacy and Information Security teams, the Black Hole Router is quick to identify malicious traffic. Once identified, the traffic is automatically routed away from the campus network, drastically reducing the amount of time that the cyberattack has to scan the University’s network.

Since the Black Hole Router was fully implemented in late March, brute force attacks against the network have dropped from roughly 900,000 per month to 50,000 per month. Technology Services Principal IT Field Consultant Kevin Pointer provides another perspective: “on April 20th, there were 47,655 attacks; before the Black Hole Router, there would have been 400,000.”

Tech Services IT Security Analyst Wayland Morgan cautions that total security is impossible. “Risk is always a part of doing business,” he notes. Managing risk rather than preventing it is the daily work of IT professionals.

Projects like the Black Hole Router help IT professionals manage risk automatically.

Researchers can continue to take advantage of an open network without having to worry as much about network security as they did in the past. And IT professionals can dedicate their time to stopping less persistent, higher-grade threats. For instance, the Black Hole Router has given Pointer back an extra half hour each day to focus on better protecting data from more sophisticated attacks.