Pulse

By GCN Staff

Blog archive

Higher ed networks 300 percent more likely to contain malware

Cyberattacks against college and university networks have been on the rise and, apparently, a fair amount of those attacks are successful.

The Internet security company OpenDNS recently said it found that higher education systems were 300 percent more likely to contain malware than networks in government or industry.

“Our research shows that while higher education institutions face the same cyberattacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate,” said Dan Hubbard, chief technology officer of OpenDNS and head of the company’s Umbrella Security Labs, which conducted the research. OpenDNS has 50 million users in 160 countries and monitors that traffic for signs of malicious activity.

The biggest threat to higher education systems, according to Umbrella labs, is the Expiro malware, a family of viruses that can infect files on the Windows platform.  It’s often installed when a user visits a malicious website that’s hosting a Java or Adobe PDF exploit, OpenDNS said, and can steal user and system information.

Hubbard acknowledged that colleges and universities run their networks more openly than, say, a government agency does, and they have to allow for access from a variety of mobile and other personal devices owned by students of faculty. But some fundamental security practices can help.

To protect users from visiting malicious sites and block infected devices from being brought into botnet activities, OpenDNS recommends:

• Alerting users when new spear phishing campaigns are detected.

• Using predictive analytics to block "malvertising" and watering hole Web attacks.

• Applying DNS-based enforcement to prevent malware-infected devices from phoning back to botnet operators over non-Web connections.

Posted by GCN Staff on Oct 28, 2013 at 9:57 AM


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities