Higher Ed Networks 3 Times More Likely To Be Infected

  • By Dian Schaffhauser
  • 10/17/13

The networks run by colleges and universities are three times more likely to be infected with malware than networks in government agencies or businesses, according to research by security vendor OpenDNS. The company also said that the EXPIRO family of malware was the most common type of threat experienced by the higher education sector. Both of those findings were announced at this week's Educause 2013 conference, taking place October 15–18 in Anaheim, CA.

The company pulled that information out of an analysis of data from its own network, which delivers cloud-based Web security services. OpenDNS said in a statement that it uses a combination of data analytics, graph theory, and machine learning to detect and block up to 80 million threats coming into its customers' systems every day.

"Our research shows that while higher education institutions face the same cyber-attacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate," said Chief Technology Officer Dan Hubbard. "Clearly, colleges and universities must operate more open networks and support an endless number of access devices which puts them at higher risk."

The number one threat for higher ed customers is EXPIRO, an exploit that was first uncovered in 2010. It typically surfaces on systems when a user visits an infected Web site hosting a Java or PDF exploit and is in turn infected. Once the exploit is on the newly infected system, it seeks out EXE files to infect and steals system and user information. The information it collects is saved to a DLL file and uploaded to command-and-control servers for use by the attackers.

Hubbard added that the application of "fundamental security best practices" can "significantly reduce" the rate of infections on campus. Those include:

  • Alerting users when new "spear phishing" campaigns surface on the institution's network;
  • Using analytics to block user access to "malvertising" (the use of online advertising to spread malware) and "watering holes" (ordinary Web sites infected with malware); and
  • Applying DNS layer-based enforcement to block malware-infected devices from communicating with their command-and-control hosts.

OpenDNS is in booth 721.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • interconnected cloud icons with glowing lines on a gradient blue backdrop

    Report: Cloud Certifications Bring Biggest Salary Payoff

    It pays to be conversant in cloud, according to a new study from Skillsoft The company's annual IT skills and salary survey report found that the top three certifications resulting in the highest payoffs salarywise are for skills in the cloud, specifically related to Amazon Web Services (AWS), Google Cloud, and Nutanix.

  • AI-inspired background pattern with geometric shapes and fine lines in muted blue and gray on a dark background

    IBM Releases Granite 3.0 Family of Advanced AI Models

    IBM has introduced its most advanced family of AI models to date, Granite 3.0, at its annual TechXchange event. The new models were developed to provide a combination of performance, flexibility, and autonomy that outperforms or matches similarly sized models from leading providers on a range of benchmarks.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Garners OpenAI Support

    ChatGPT creator OpenAI is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • happy woman sitting in front of computer

    Delightful Progress: Kuali's Legacy of Community and Leadership

    CEO Joel Dehlin updates us on Kuali today, and how it has thrived as a software company that succeeds in the tech marketplace while maintaining the community values envisioned in higher education years ago.