Higher Ed Networks 3 Times More Likely To Be Infected

The networks run by colleges and universities are three times more likely to be infected with malware than networks in government agencies or businesses, according to research by security vendor OpenDNS. The company also said that the EXPIRO family of malware was the most common type of threat experienced by the higher education sector. Both of those findings were announced at this week's Educause 2013 conference, taking place October 15–18 in Anaheim, CA.

The company pulled that information out of an analysis of data from its own network, which delivers cloud-based Web security services. OpenDNS said in a statement that it uses a combination of data analytics, graph theory, and machine learning to detect and block up to 80 million threats coming into its customers' systems every day.

"Our research shows that while higher education institutions face the same cyber-attacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate," said Chief Technology Officer Dan Hubbard. "Clearly, colleges and universities must operate more open networks and support an endless number of access devices which puts them at higher risk."

The number one threat for higher ed customers is EXPIRO, a malware family that was first uncovered in 2010. It typically reaches a system when a user visits an infected Web site hosting a Java or PDF exploit. Once the malware is on the newly infected system, it seeks out EXE files to infect and steals system and user information. The information it collects is saved to a DLL file and uploaded to command-and-control servers for use by the attackers.

Hubbard added that the application of "fundamental security best practices" can "significantly reduce" the rate of infections on campus. Those include:

  • Alerting users when new "spear phishing" campaigns surface on the institution's network;
  • Using analytics to block user access to "malvertising" (the use of online advertising to spread malware) and "watering holes" (ordinary Web sites infected with malware); and
  • Applying DNS layer-based enforcement to block malware-infected devices from communicating with their command-and-control hosts.

OpenDNS is in booth 721.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.
