University opportunities: Cyber attacks

Tuesday 5th September 2017
Bring Your Own Malware

Cyber criminals are launching hundreds of successful cyber attacks on British universities each year, targeting scientific, engineering and medical advances including research into missiles. Cybersecurity breaches at institutions that include Oxford, Warwick and UCL (University College London) have doubled in the past two years to 1,152 in 2016-17, according to data released after freedom of information requests by "The Times."

Commenting on this, Dr Anton Grashion, (right) MD - security practice, at Cylance said “Universities are competing for the best students, and one of the areas that gives them a small competitive advantage is this flexibility in connecting students to their network and the Internet. Historically, universities have had a very open infrastructure for students with the ultimate in policies for ‘BYOD’ (Bring Your Own Device). However, what this also results in, is 'BYOM' (Bring Your Own Malware).

"Students' laptops, as I am sure those of us with teenage children will attest, are usually the most riddled and infected systems in our families, generally due to the nature of their browsing habits, trusting nature and their lack of IT security awareness. Whether it is looking for streaming services while away from home, or looking for online resources or books to help with their studies, they may find themselves on insecure websites, which can result in them being open to having anything from adware or worse clandestinely delivered to their devices.

Therefore, it is no surprise that universities are suffering from an increase in security breaches, even with segregation of faculty and research networks. Their network environments are some of the most challenging networks to manage, with usually smaller security and staffing budgets.

"Cyber crime follows the usual criminal triumvirate of Means, Motive and Opportunity. Means and Motive are not difficult to discern or obtain to those engaged in this type of activity, and students and faculty at Universities provide a tempting and easily accessible Opportunity”

News broke yesterday that that thousands of files containing personal and sensitive information on US citizens who have classified, and up to Top Secret, security clearances have been exposed; presumably for most of the year due to a security lapse. Chris Vickery, director of cyber risk research at the California-based security firm UpGuard, discovered the cache of around 9,400 job application files on an unsecure Amazon Web Services S3 storage server that required no password to access.

Commenting on this, Lisa Baergen, director at NuData Security said: “All data breaches are serious for those individuals and organizations concerned, but this breach is particularly concerning given the status of the affected parties. Data that is stolen during a breach will most likely end up for sale on the dark web, and this data is no different. The personal information of US citizens with top secret clearance for sale on the dark web is a potentially disastrous and could attract attention from major criminal organizations or even hostile nation states. The individuals concerned should remain vigilant to the targeted spear phishing attacks and other types of cybercrime which could follow on from this.  Organizations using authenticated online accounts need to be ever more vigilant to protect persons impacted by these breaches from account takeover and identity theft. Many organizations are looking to a more secure means of protecting accounts using a multi-layered approach to security. This includes the benefits of incorporating passive biometric solutions into their authentication process to truly verify it is the right user behind the account and not an intruder using the personal information stolen from breaches of this size and magnitude.”


Custom Search

Scotland, Computer News in Scotland, Technology News in Scotland, Computing in Scotland, Web news in Scotland computers, Internet, Communications, advances in communications, communications in Scotland, Energy, Scottish energy, Materials, Biomedicine, Biomedicine in Scotland, articles in Biomedicine, Scottish business, business news in Scotland.

Website : beachshore