Universities Get Schooled by Hackers

  /     /     /  
Publicated : 23/11/2024   Category : security


Universities Get Schooled by Hackers


Colleges and universities are prime targets for criminals due to huge sets of personal information and security that is weaker than in many businesses.



As university students leave campus for holiday breaks, they may carry more than new knowledge home to family and friends. Recent research points out that colleges and universities are coming under more aggressive security attacks while their defenses struggle to keep up with growing demand.
In Defending Networks at Higher Learning Institutions — Heroes Needed, a report issued earlier this fall, researchers at InfoBlox pointed out that the complexity of the university network environment makes effective defense difficult. Years ago we planned one jack per pillow, and thats changed in such a short period of time, says Victor Danevich, Infoblox CTO. He believes that each student on campus represents approximately seven IP addresses, making most state and many private universities the home of hundreds of thousands of connected devices.
And while the complexity and levels of attacks are growing, the issues in higher education cybersecurity arent new. A report released by EdGuards, A Brief History of Higher Education Insecurity, walks readers through attacks from 2002 through 2018 to show how hackers have evolved. One of the growing issues is the size of the databases sought and compromised by criminals, with tens to hundreds of thousands of records exfiltrated in attacks on scores of schools.
That evolution is aided by legitimate university network users. More than half of the administrators
surveyed by InfoBlox
say that 25% of students arrive on campus with their devices carrying malware. The 25% infected rate shows the devices that students are bringing from home, Danevich says. Its not laptops. Its IoT devices [and] mobile devices. For university security teams, the implication is simple. You cant take a look at the security once a year. You have to be much more current because it changes so fast, he explains.
While students are a common infection vector, they are not the ultimate target. Business applications, such as HR, Financial and Campus Solutions by PeopleSoft or other vendors, are the main target, as they store the most critical data and are vulnerable to both hackers and malicious insiders, the
EdGuards paper
states. 
University security teams hamstring themselves when they see security as a traditional perimeter game because new devices and techniques simply bypass classic perimeter defenses, Danevich says. He recommends defense at the network perimeter, in-network control, and thorough, constant monitoring with automated assistance.
You can put up a blacklist, but now it has to be taken a step farther with a collection of information thats come from a variety of devices hooked to a SEIM and passed to a Splunk or ArcSight, he says. Ultimately, he explains, We need to use more machine learning and be smarter with what we do.
Related Content:
Education Gets an F for Cybersecurity
UC Berkeley Launches Cybersecurity Citizen Clinic
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Universities Get Schooled by Hackers