Higher Education: Protecting Your School Against Cybercrime
What do the University of Maryland, Iowa State University, Stanford University, and many others have in common? All have been the victim of cybercrime in the past two years.
Improved defensive measures have made direct attacks on traditional targets like banks very difficult and time consuming, so hackers are turning their attention to other, sometimes more vulnerable organizations like colleges and universities. Academia is just one of the pathways criminals are using to steal personal financial information for identity theft and bank fraud.
Beware of online banking malware
By far the most common method of cyberattack is a phishing message that delivers malicious software and might target student and faculty bank accounts or university payroll systems. Once the malware has been delivered, it monitors and records system activity, stealing personal information, login credentials, and codes for internet banking services. Sophisticated malware can sometimes bypass even the most robust defensive measures. Regular penetration testing can help identify and close any security gaps.
Learn to recognize email spear phishing
Malware code is often delivered via email, either as a file attached directly to the message or, more commonly, through a link to a rogue website. In the latter case the malware returns with the web page and attempts to install itself on the victim’s computer. This type of phishing attack is called “spear phishing” since only one email might be sent to the victim organization.
Ransomware: A different kind of threat
Attacks by ransomware such as CryptoLocker are growing since they are relatively easy to initiate via a spear phishing message. The malware encrypts data on servers and workstations and then demands payment in exchange for the encryption key. Zipped files are sometimes used rather than a website link. Since zipped files are notoriously difficult for anti-virus software to inspect properly, some organizations block all zip file attachments. Having working and tested backups of key data is critical to surviving a ransomware attack.
Protect your school, your students, and your employees
Universities should consider these tactics to protect the integrity of their technology and data:
- Educate everyone from administrators to faculty and students to spot potentially fake emails and to be wary of website links and file attachments.
- Stay current on defensive measures such as firewalls, intrusion detection systems, and spam filters.
- Keep anti-virus software on university-owned devices up to date, run regular scans to keep them clean, and recommend that employees and students do the same.
- Keep all network servers and PC workstations current with the latest security updates and patches.
- Limit the number of PCs used to conduct online cash management. If possible, isolate them from the rest of your network.
- Encrypt sensitive data, such as student account information, academic records, intellectual property, and Social Security numbers.
- Become familiar with and utilize all key bank security tools for online cash management:
  - Multifactor authentication
  - ACH blocks and filters
  - Daily and individual transaction limits
  - Wire call-back features
  - Positive pay systems to reduce check fraud
- Monitor activity and balance online accounts daily.
- Read and thoroughly understand your agreements with your financial institutions related to online activity.
- Develop an incident response plan so users know who to contact immediately if they suspect malicious activity on a school or personal computer.
- Make regular backups of key data and systems; store these in a secure off-site location. Periodically test the integrity of backup media.
- Establish a relationship with local law enforcement agencies that are familiar with online crimes.
- Perform periodic vulnerability or penetration assessments to validate that controls are functioning as intended.
Cybercriminals are sort of like antibiotic-resistant bacteria – the more you treat the illness, the quicker they evolve and find new ways to infect your systems and do their damage. That means that IT security is never really finished. The key is to stay ahead of the curve. Conducting business securely in an environment of ever-increasing threat is possible with the right strategy and implementation.