FBI Director Christopher Wray, in an appearance before the U.S. Senate Judiciary Committee in Washington, D.C., earlier this week, praised the Texas A&M University System for its work to help other academic institutions with their cybersecurity efforts, and for its collaboration with the bureau on matters of national security.
U.S. Sen. Ted Cruz, R-Texas, expressed during the hearing that he harbors concerns about universities protecting vital information with potential national interest.
“One concern that I have, particularly in the academic sector, is their leaders tend to be — in some instances — less aware of the scope of the threat and less sophisticated and savvy than some, in, say, the Fortune 100 world in terms of means of defending against espionage and theft of intellectual property,” Cruz said.
In the midst of a larger exchange, Wray said that the FBI has done “some very good work with Texas A&M recently to try to raise awareness in the university space.”
Kevin R. Gamache, the A&M System’s chief research security officer, said he leads the team responsible for ensuring the system’s universities and state agencies are compliant with U.S. requirements for protecting sensitive federal information.
“We have been working with a large number of universities over the last eight years or so creating a university-led effort to work with some of our federal government partners, including the [FBI],” Gamache said in a Wednesday interview with The Eagle.
In Tuesday’s hearing, Wray described China as the biggest national security threat facing the United States. Wray said he has seen an information flow from U.S. universities, especially at the graduate level, directly back to China for “the advancement of its various strategic plans” and for what he described as the country’s goal of “economic dominance over us.”
Wray also said that U.S. universities need to be more aware of who has access to sensitive information, and university officials should be setting up safeguards to prevent the outflow of intellectual property and other secrets.
On Wednesday, Gamache said that the multi-university effort has aimed to raise awareness about the threats faced by universities. Gamache said that relatively open access to — and sharing of — research has been a strength among U.S. universities, “but the thing that has made us effective has also made us vulnerable.
“Essentially what we’re talking about is state-sponsored organizations that are exploiting the openness of academia,” Gamache said. “The fact that our university systems are so open is being exploited by state-sponsored actors.”
Gamache said that some nations employ “non-traditional” actors for information gathering, sometimes using unknowing visiting scholars and students to obtain data.
“Often times, these nontraditional collectors are being used unwittingly,” Gamache said. “They’re not even aware that they’re being used as a tool of their state. Not everything is nefarious.”
“The A&M System has done a lot over the last few years in terms of tightening up our networks to reduce our cyber threats,” he continued. “Another part of the work is to create those relationships between the FBI and academia — that’s not a relationship that’s natural to academia, but particularly with the A&M System and the Bryan and Houston offices of the FBI, we have worked very hard over the past few years building that relationship so there is trust and not suspicion between the two sides.
“When our federal partners become aware of information that we should know, the relationship is already established and the door is open, so communication is much more effective.”
Gamache said recommended security measures for universities include helping researchers be more aware of threats and helping faculty to understand what they ought to be looking out for.
“On a day-to-day basis, there are things that individuals can do to maintain proper cyberhygiene of your research,” Gamache said. “Make sure you know who is getting access to your information, and keeping sensitive information secure can prevent opportunistic exploitation.”