Malicious cryptomining or cryptojacking, as it's called, describes the theft of computer processing resources — electricity, cloud services and other digital assets — that are then exploited to do cryptocurrency mining without the owner's permission or knowledge.
Stanford University has implemented a "bug bounty" program that pays people for finding vulnerabilities in the university's software systems. Set up by the Information Security office, the program is only open to Stanford students and full-time employees. Rewards range from $50 to $1,000, all paid in Amazon gift cards.
"A delicate balance exists between privacy and security in schools," a recent federal report on school safety noted. "On the one hand, there is the legal requirement to protect the privacy of student education records. On the other hand, it is critical to recognize that some education records may contain information that, if disclosed to appropriate officials, could help prevent students from harming themselves or others."
The federal government is grappling with how to develop policies to curb Chinese economic espionage at American universities without falling into racial or ethnic profiling.
Microsoft has introduced a new series of open access courses on cybersecurity that can be taken for free or, for more formal recognition, as a certificate program for a fee. The Microsoft Professional Program Cybersecurity track includes 12 courses — 10 of which must be completed successfully to earn the certificate. The program is hosted on edX and includes labs, community interaction and quizzes. Content is delivered online through videos.
In the coming year, IT organizations in colleges and universities expect to be grappling with "data-enabling" their institutions, funding, and setting up their units as institutional leaders and change agents. That's what IT leaders told Educause in its latest survey to determine the top 10 IT issues for higher education.
The National Science Foundation’s Secure and Trustworthy Cyberspace program is getting more support from the federal agency in the form of a $78.2 million portfolio of technology projects.
Because registrars and enrollment managers make decisions daily that affect securing data, both roles should be "key members" of the cybersecurity team. According to a new paper on information security in higher education, those individuals should meet regularly with the CIO and chief information security officer to weigh in on incident response plans, risk management and training programs.
Multiple institutions of higher education will be playing a big role in Cyber NYC, a $30 million initiative launched by the New York City Economic Development Corp. to make New York a worldwide hub for cybersecurity innovation.
The most common form of phishing email in education tends to include an attached invoice; 66 percent of hacker attempts use the attached invoice ploy to get unwary recipients to click on an infected link; another 28 percent use a payment notification scheme; and 6 percent try online order tricks.
