Cyber security news site, Dark Reading, recently reported on the news that millions of stolen and fake email credentials from across 300 of the largest universities in the US were available to buy on the Dark Web.
The stolen and fake student, faculty and alumni access credentials are being offered to buyers for anywhere from $3.50 to $10 per email address. But why are email domains linked to education so attractive to hackers and cybercriminals and what can other education institutions do to avoid a similar situation?
Why the education sector?
This is not the first time an education institution has fallen victim to compromised credentials. Globally, IT teams responsible for network security in universities and schools are experiencing increasing pressure to secure sensitive data from internal and external threats. Hackers see email addresses linked to education institutions as particularly tempting for several reasons.
In the eyes of a cybercriminal, these credentials come from a well-respected domain, meaning they are less likely to raise suspicion when used online. They are also appealing due to the considerable amount of personal, financial and even medical information these types of organizations store, meaning this wealth of data can be used for further malicious and illegal activities. Just imagine the mischief a hacker could get up to with a stolen date of birth, address or medical records.
Students and university staff are also often eligible for numerous incentives, such as discounts on clothing, travel, etc. These stolen email addresses could provide hackers with access to perks they would not usually be entitled to.
Lastly, cybercriminals often take advantage of the fact that the academic environment is often more difficult to secure than other organizations or companies. The very nature of education promotes instant access to information and the exchange of ideas. So how can IT teams in charge of education institutions ensure they uphold and maintain these values whilst protecting the reams of sensitive data held in their systems?
An open yet secure network
For the most part, scholastic data security policies are reactive, in that they only implement protocols following a breach. To protect Universities, schools and colleges against potential threats, IT departments must take pre-emptive measures to stop hacks before they take place by implementing a system of network access control and identity management.
One way to manage this is through context-aware security, which determines whether to grant or deny access to a user based on information other than that person simply having the right password and login details.
This type of security system can use details such as where and when the login attempt is taking place or the device the person is using to determine whether to grant or deny access.
This would mean that any suspicious activity, whether it was a careless user, an innocent student prank or something more sinister, would be instantly spotted and responded to, before it became a bigger issue.
Sharing passwords is a common issue amongst students, who are prone to forget or lose their own login details. This same technology would prevent the serious security flaws caused by password sharing, by limiting students to only one possible session at a time. A malicious user would therefore be unable to gain access at the same time as a genuine one.
Another benefit of preventing concurrent logins is that legitimate users would be made accountable for any dishonest acts, whether this is sending a jokey email from a friend’s account for fun or worse, performing an insider attack.
The right access for the right person
Just like faculty and students have different levels of access to certain parts of the campus, when it comes to network access, the level granted should be appropriate to each person’s role and rank. By controlling user login rights in this way, educational organizations can take control of their network security.
This issue isn’t just something we’re seeing in the US. Globally, IT teams in charge of education institutions need to restrict concurrent log ins and prevent unauthorised users from accessing sensitive information. In the UK, we have worked with The University of Kent to ensure their data remains protected, yet accessible to those who need it.
By installing software solutions such as UserLock and FileAudit organizations are given the tools they need to efficiently and effortlessly monitor and protect sensitive data, enforce network access security and prevent serious data breaches. It’s as easy as ABC.
*** This is a Security Bloggers Network syndicated blog from Enterprise Network Security Blog from ISDecisions authored by Chris Bunn. Read the original post at: https://www.isdecisions.com/blog/it-security/credential-theft-education-protect-institution-data-breach/