Thursday, February 25, 2021
Primarius Group
No Result
View All Result
PG-Intel
Advertisement
  • Home
  • Physical Security
  • Cyber security
  • Defense
  • Corporate Security
  • Emergency Management
  • Open Source Intelligence
  • More
    • Geo-politics
    • Threat intelligence
    • Protective Intelligence
    • Risk Management
  • Home
  • Physical Security
  • Cyber security
  • Defense
  • Corporate Security
  • Emergency Management
  • Open Source Intelligence
  • More
    • Geo-politics
    • Threat intelligence
    • Protective Intelligence
    • Risk Management
PG-Intel
No Result
View All Result

How cyberattacks can threaten colleges and universities

1 day ago
in Information Security/Cyber security
0
How cyberattacks can threaten colleges and universities
Share on FacebookShare on TwitterShare on LinkedIn


With the shift to distant studying, faculties are dealing with higher safety dangers and smaller monetary margins, says BlueVoyant.

Darden School of Business University of Virginia Campus Building Refection

Picture: Getty Pictures/iStockphoto

The coronavirus pandemic and lockdown have affected many people and organizations around the globe. However one sector that is been hit onerous is greater studying. As training has moved from in-classroom educating to distant studying, schools and universities have needed to arrange applied sciences that open the door to higher safety dangers. Additional, many colleges are dealing with monetary pressures from college students who’re laying aside training or demanding refunds because of at-home lessons.

SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)  

A report printed Tuesday by cybersecurity supplier BlueVoyant seems to be on the safety threats difficult faculties of upper studying and gives options on fight them.

From 2019 to 2020, ransomware assaults in opposition to universities jumped by 100%, in keeping with BlueVoyant. Attackers additionally began demanding bigger sums of cash from schools as the common value of a ransomware assault in 2020 was $447,000. An attack against Monroe College in July 2019 gave the impression to be one of many first “massive recreation” hunts, with the attackers demanding 170 Bitcoin (round $2 million on the time). Since then, ransomware assaults in opposition to faculties have continued to rise.

Scholar accounts are a tempting goal in information breaches and are among the many most extremely trafficked sort of private information on the internet, BlueVoyant mentioned. It’s because college students typically hold their college accounts past commencement and use these accounts to signal into a spread of providers, together with administrative portals, distant video instruments, and distant studying instruments. Multiple-third of all information breaches had been associated to instruments used for distant studying, similar to Zoom, Chegg and ProctorU.

The safety safety arrange by schools and universities is not essentially on par with the defenses utilized by companies and enterprises. That is been very true amid the shift to distant studying.

In its evaluation, BlueVoyant discovered that many universities had unsecured ports associated to distant desktop and on-line databases. Open distant desktop protocol (RDP) ports are probably the most frequent vulnerabilities that result in cyberattacks, notably amongst ransomware gangs. Among the many universities lined within the report, 22% had not less than one open RDP port, whereas 38% had open ports for MySQL, Microsoft or Oracle databases.

A majority of the colleges analyzed even have weak e mail safety, leaving them weak to phishing assaults. Many companies and enterprises use DNS-based e mail safety protocols similar to SPF, DKIM and DMARC. However among the many universities examined, 66% had no sort of e mail safety protocol in place.

To guard schools and universities in opposition to these safety threats, BlueVoyant gives the next suggestions:

  1. Guarantee multifactor authentication. MFA needs to be carried out throughout all e mail providers and delicate accounts. That is current in some greater training faculties, however not all. The vast majority of account compromises might be prevented with such a extra authentication.
  2. Use an extended password coverage. Organizations ought to mandate 15+character passphrases and block the flexibility to reuse passwords and use easy passwords (e.g. 12345). By combining lengthy passwords with MFA, the possibilities of being breached by brute pressure or credential stuffing assaults are significantly lessened.
  3. Monitor for authentication anomalies. Colleges ought to monitor for authentication anomalies (e.g. faster-than-light logins) for all e mail accounts in addition to for any community or cloud providers.
  4. Arrange password screening. NIST recommends that organizations display passwords in opposition to blacklists containing generally used and compromised credentials.

Cybersecurity Insider Publication

Strengthen your group’s IT safety defenses by retaining abreast of the most recent cybersecurity information, options, and greatest practices.
Delivered Tuesdays and Thursdays



Enroll at present

Additionally see

ShareTweetShare

Related Posts

The 3 Most Common Types of BEC Attacks (And What …
Information Security/Cyber security

61% of Malware Delivered via Cloud Apps: Report

February 24, 2021
The 3 Most Common Types of BEC Attacks (And What …
Information Security/Cyber security

Cybercriminals Target QuickBooks Databases

February 24, 2021
How to protect yourself from common job search scams
Information Security/Cyber security

How to protect yourself from common job search scams

February 24, 2021
Ransomware threats to watch for in 2021 include crimeware-as-a-service
Information Security/Cyber security

Ransomware threats to watch for in 2021 include crimeware-as-a-service

February 24, 2021
Medical Data of 500,000 French Residents Leaked Online
Information Security/Cyber security

Medical Data of 500,000 French Residents Leaked Online

February 24, 2021
Kroger data breach highlights urgent need to replace legacy, end-of-life tools
Information Security/Cyber security

Kroger data breach highlights urgent need to replace legacy, end-of-life tools

February 24, 2021
Next Post
First wave of COVID-19 vaccine syringes start journey to Maldives |

First wave of COVID-19 vaccine syringes start journey to Maldives |

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Updates

Workiva Announces CFO Transition | Business Wire

Workiva Inc. to Participate in Upcoming Virtual Investor Conferences

1 min ago
Bell Announces Sale of Six Bell 505 Helicopters to Jamaica Defence Force

Bell Announces Sale of Six Bell 505 Helicopters to Jamaica Defence Force

14 mins ago
NVIDIA Closes Out Q4 & FY2021 With Another Round of Record Earnings

NVIDIA Closes Out Q4 & FY2021 With Another Round of Record Earnings

34 mins ago
Air Force’s Roper Is Gone, But His Vision Lives On

Air Force’s Roper Is Gone, But His Vision Lives On

46 mins ago

Bentley Systems to Present at the Berenberg Design Software Conference

1 hour ago
Explainer: Turkey Turning ‘Supplier’ For Navies of India, Pakistan?

Explainer: Turkey Turning ‘Supplier’ For Navies of India, Pakistan?

1 hour ago
Coalition Plans To Expand Giant ISIS Prison In Syria

Coalition Plans To Expand Giant ISIS Prison In Syria

2 hours ago
The 3 Most Common Types of BEC Attacks (And What …

61% of Malware Delivered via Cloud Apps: Report

2 hours ago
Load More
PG-Intel

© 2020 All Rights Reserved .

Brought to you by Primarius Group

  • Disclaimer
  • Privacy Policy
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us

Follow Us

No Result
View All Result
  • Home
  • Physical Security
  • Cyber security
  • Defense
  • Corporate Security
  • Emergency Management
  • Open Source Intelligence
  • More
    • Geo-politics
    • Threat intelligence
    • Protective Intelligence
    • Risk Management

© 2020 All Rights Reserved .