Higher education networks are 300% more likely to be infected with malware than their enterprise and government counterparts., according to research just released by OpenDNS.
“Our research shows that while higher education institutions face the same cyber-attacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate,” Dan Hubbard, CTO of OpenDNS and head of Umbrella Security Labs said in a statement. “Clearly colleges and universities must operate more open networks and support an endless number of access devices, which puts them at higher risk; however, by implementing some fundamental security best practices, it is possible to significantly reduce and contain the current rate of infections on campuses.”
According to Umbrella Security Labs, the EXPIRO malware is currently the number one threat to universities and colleges. It typically is silently installed when a student or faculty member visits a Web site hosting a Java or Adobe PDF exploit. Once the malware is installed, it acts as a file infector that steals user and system information. The information it captures is saved in a DLL file and sent to the attackers command and control infrastructure.
Preventing students and faculty from falling prey to these attacks is more challenging than protecting employees on a corporate network due to the large scale of typical college and university networks. Traditional approaches to cyber-security based on deep packet inspection or proxying all network traffic aren’t well suited for these high-bandwidth environments. They often end up creating network bottlenecks, adding latency and introducing points of failure in addition to raising privacy concerns.
To protect users from visiting malicious sites and block infected devices from phoning home, some of the best practices that colleges and universities can implement include:
- Alerting users when new “spear phishing” campaigns against the institution are detected
- Using predictive analytics to block “malvertising” and “watering hole” Web attacks
- Applying DNS-based enforcement to prevent malware-infected devices from phoning home to botnet operators over non-Web connections
Related Articles:
- Your Ultimate Guide to Student and School Internet Safety: Part 1
- Your Ultimate Guide to Student and School Internet Safety: Part 2