Tag Archive for K12

Cybercrime Stats Say Teachers Susceptible To Phishing Attacks

Internet Security Awareness Training (ISAT) firm KnowBe4 has released new cybercrime statistics that identify Education as one of the most Phish-prone™ industry sectors. Education is the second most susceptible sector to cybercrime ploys. DarkReading reports the percentage of companies in each sector that responded to the phishing emails are:

KnowBe4 founder and CEO Stu Sjouwerman told DarkReading “Our cybercrime statistics should serve as a wake-up call … Not only are these businesses at risk for financial loss through a cyberheist, but their susceptibility to phishing tactics could compromise sensitive customer data such as credit card, bank account and social security numbers.” 

These findings are based on a recent phishing experiment KnowBe4 conducted among enterprises featured in the latest Inc. 500 and Inc. 5000 listings. DarkReading reports that KnowBe4 used the Inc.com website to get domain names and a free data-gathering service to find publicly available email addresses. KnowBe4 then sent out a simulated phishing email to employees at more than 3,500 companies. Individuals who clicked the link were directed to a landing page that informed them they had just taken part in phishing research. The emails were successfully delivered to about 29,000 recipients at 3,037 businesses; and in nearly 500 of those companies, one or more employees clicked the link. Because of the potential for Internet security breaches among these businesses, KnowBe4 dubbed them the FAIL500.

“Any business that provides access to email or access to its networks via the Internet is only as safe from cybercrime to the degree that its employees are trained to avoid phishing emails and other cyberheist schemes. The more employees within an organization that use email or go online, the greater the risk of exposure to cybercrime,” Mr. Sjouwerman told DarkReading.

Cybercriminals have become very sophisticated in their tactics, and Mr. Sjouwerman notes that they often target businesses through official-looking emails. “Many of the top Phish-prone industries are regulated and subject to compliance rules, so well-meaning employees can be tricked into clicking a link if they believe an email was sent by a government or law enforcement agency, or by someone they know and trust. And with just one click, malware can be instantly uploaded to a system – bypassing both antivirus software and IT firewalls. A cyberheist can be underway within minutes.”

According to YourMoneyIsNotSafeInTheBank.org, small-business accounts suffered more than $40 million in cybercrime losses as of 2009. The website also cites FDIC figures indicating this type of crime increased five-fold within a 12-month period, and notes that the FBI is tracking hundreds of related cases. Small and medium-sized organizations have become the primary targets of the Eastern European hacker gangs behind this frightening new crime wave. These cybercriminals tend to prey on smaller businesses and banks that lack the cyber-fraud controls many larger institutions have in place.

2 of 3 K-12 Networks Breached Multiple Times a Year

Panda Security, a provider of cloud-based security software, recently released a report that says 63 percent of schools experience malware outbreaks or unauthorized user access at least twice a year.  The report, Kindergarten-12 Education IT Security Report (PDF), had some other interesting infobits.

The survey reports that eighty-two percent of schools allow students and staff to connect personal computers and laptops to the school network. Panda says schools recognize outside devices introduce external risks, but they struggle to fully integrate security policies for multiple devices. Only 74 percent of districts are monitoring the use of external devices. Fifteen percent fail to take any extra security measures, leaving those school systems more vulnerable to infection.

Although most schools have implemented IT security best practices, there is still room for improvement, reports Panda. The report says ninety percent of schools install anti-virus and/or anti-malware on computers, but nearly 25 percent fail to use firewalls, block high-risk websites, or employ user authentication. 86% prevented the use of very risky websites, while 89% mandated users install security software on their systems. Further, 15% of respondents acknowledged that there weren’t any extra security measures in their districts if they wanted to use laptops.

Social media is a top concern for schools, but the stringency of school policy varies greatly. Ninety-five percent of schools have a social media policy in place, citing the mitigation of malware-related risks as a main reason for implementation. Twenty-nine percent of schools allow students unlimited access to social media sites, while 32 percent deny students access altogether.

Schools lack the funding to be secure. I have always said that schools face attacks from the inside and the outside. Insiders in a K-12 school network range from technically unsavvy to damn good malicious attackers. Despite this, the report says 72% of schools reported that budget limitations were the main obstacle to better security, 38% reported non-availability of staff, and 29% of the schools reported their IT staff had to attend to other more important tasks than IT security. IT administrative staff at 38 percent of schools report removing viruses or malware from IT systems a few times a week, and 21 percent are doing this daily, according to Panda.

With malware on the rise and new threats propagated through social media every day, having the right security tools in schools has never been more important. Security issues consume staff time, diverting attention from the business of education. Help Net Security quotes Rick Carlson, president of Panda Security US, who has a great grasp of the obvious, “While the Internet is an invaluable tool for education, it can cause serious interruptions to day-to-day operations if schools fail to properly address security concerns.”

rb-

Just to prove the point, the Oakland Press is reporting that 4 students at Romeo High School in Romeo, Michigan were caught allegedly intercepting 60 staff members’ emails, including the Superintendent’s, after “something goofy” happened to the website. While I have no firsthand knowledge, the news did say the attackers went after people who read their emails on their cellphones. So more than likely it was some kind of Bluesnarfing attack, maybe including a Cain and Abel payload to get at passwords.

New School Year Same Security Threats

Another school year is starting up and security firm WatchGuard has a list of the top threats to school IT systems as classes start up again. Eric Aarrestad, Vice President at privately held WatchGuard Technologies, says, “With so much at risk and so much to gain by cybercriminals, today’s campus is one of the most dangerous IT environments around.” He continues, “Unlike enterprise organizations that can throw substantial resources towards network and data protection, schools and universities are more constrained, yet they face some of the most demanding security challenges due to the dynamic interaction between students and their school’s IT resources.”

WatchGuard’s top threats include:

Social Networks: The security firm calls social networks, such as Facebook and MySpace, the number one threat to school and university networks. Unfortunately, social networks act as an ideal platform to launch a myriad of attacks against students and departments, including spam, viruses, malware, phishing and more. Adding to this, socially engineered attacks are often extremely successful due to the “trusted” environment that social networks create.

Malware: As students and teachers use the web for education purposes, the Seattle-based company says many unwittingly expose themselves to drive-by downloads or corrupted websites, which inject malicious forms of software on their computers. Once infected, they risk becoming victims of identity theft or loss of personal information via spyware and keyloggers.

Viruses: Today, email remains one of the primary ways for delivering viruses. According to the release, recent surveys suggest that 27 percent of users fail to keep their antivirus signatures up to date, which may, in any case, be unable to stop the new generation of viruses with polymorphic properties.

Botnets: The privately held security firm estimates that 15 to 20 percent of all school and university computers connected to the Internet may be part of a botnet. As part of a botnet, school and university systems may be used in a variety of unknown exploits, including spam delivery, denial of service attacks, click-fraud, identity theft and more.

Phishing: Phishing scams continue to get more sophisticated and selective, with students being specifically targeted. WatchGuard claims that phishing attacks via social networks achieve a success rate of over 70 percent.

Hacking: In a recent survey of education IT professionals, 23 percent ranked student hackers as one of their greatest threats to network security.

Access Control: Usage of mobile devices and wireless access to education IT resources continues to plague network administrators. As use of mobile devices escalates, schools will face increasing challenges in managing authorized network access, according to the security vendor.

WatchGuard Technologies provides a variety of Internet security software and hardware products, including firewalls, virtual private network (VPN) appliances, and anti-virus applications under the XTM, XCS, and e-Series brands.

9 Year Old Hacks School System

ComputerWorld reports that officials at Fairfax County Public Schools thought they had a hacker on their hands. It was reported that someone was changing teacher passwords on the Falls Church, Virginia, school district’s Blackboard system. Blackboard (NASDAQ: BBBB) gives teachers, students and parents a way to communicate and stay on top of homework assignments and class announcements over the Web. Blackboard’s web site says more than 5,000 K-12 and higher-education institutions nationwide use its software.

The district contacted local authorities when teachers and staff members reported that their passwords had been changed, preventing access to their accounts, according to ComputerWorld. Changes to content and enrollment information for some courses were also discovered. The local police investigated and pulled a search warrant for Cox Communications, the Washington Post reports. They traced the IP address which accessed the Blackboard system to the McLean, Virginia physical address of the home of a 9-year-old student in Fairfax County Public Schools. The police initially suspected the student’s mother, but after interrogating both of them it became clear that the child was to blame.

Turns out that the Blackboard system was not hacked. The student had simply taken a teacher’s password from a desk and used it to change enrollment lists and other teachers’ passwords. “This was a case where an individual … got hold of a teacher’s password, and the passwords had administrative rights,” said Paul Regnier, a school board representative. “It was actually not a hack, unless you consider the fact that the 9-year-old took the teacher’s username and password from the desk a hack,” said Michael Stanton, Blackboard’s senior vice president of corporate affairs. Although no criminal charges will be filed against the perpetrator, the Fairfax school board is taking the incident seriously, Regnier said. Citing school policy, Regnier wouldn’t confirm that the perpetrator is a student. “Nothing bad happened this time, but we have to make sure that … it doesn’t happen again,” he said.

rb-

This event correlated with the recent (04-14-10) Tufin Technologies survey results of the hacking habits of 1000 New York City teenagers. The survey found that 39% of the teens surveyed think hacking is “cool” and 16%, or roughly one in six, admitted to trying their hand at it. Only 15% of the entire sample has either been caught or knows someone who has – particularly disturbing considering 7% of young hackers reported they did so for money and 6% view it as a viable career path.

The big lesson here is, of course, SECURE YOUR PASSWORDS.

Zeus Raids School

A New York school district was a victim of an apparent Zeus trojan attack which appears to have netted nearly $500,000. InformationWeek is reporting that the FBI and New York State Police Cyber Crime and Critical Infrastructure Unit are investigating an attempt last month to steal about $3.8 million from the Duanesburg Central School District in Schenectady County, New York.

According to the January 6 article, online thieves made a series of unauthorized funds transfers from the school district’s NBT Bank account to an overseas bank between December 18 and 22, 2009. The third transfer during this period was flagged as abnormal activity by the bank, which began blocking pending transactions after the school district confirmed the transfers had not been authorized. Working with foreign banks, NBT Bank recovered about $2.5 million out of $3 million stolen during the four-day period, but two previous unauthorized transactions were discovered.

“Thanks to NBT Bank’s aggressive pursuit of the stolen funds, we are fortunate that the vast majority of the money has been recovered,” wrote Superintendent Christine Crowley in a letter on Monday to district parents and community members. “However, $497,200 of Duanesburg taxpayers’ money is still missing, and we are committed to doing everything in our power to recover the remaining funds.”

The district Web site says, “At this time, we do not have any more information on how this happened and do not expect to have any more information to share until the investigation concludes.”

Security researchers at Trusteer point out in a recent DarkReading article that Zeus is detected only 23 percent of the time by up-to-date anti-virus applications. The massive Zbot botnet is made up of 3.6 million PCs in the U.S., according to Damballa data. The malware steals users’ online financial credentials and moves them to a remote server, where it can inject HTML onto pages rendered by the victim’s browser to display its own content mimicking, for instance, a bank’s Web page.

“Zeus’ infection rate is higher than that of any other financial Trojan. We are seeing actual fraud linked to Zeus — accounts being compromised, [and] money transferred from accounts of customers infected with Zeus,” Mickey Boodaei, founder and CEO of Trusteer told DarkReading. “When we investigate some of our banking customers’ [machines infected by it], we find evidence of abuse on the computer, so we know this crime ring is very active and dangerous.”

The Security Blog says that organizations can’t control the transmission vectors, which are increasingly social networking and/or webmail applications. Given the high degree of user trust and huge user populations, malware developers have been targeting social networks aggressively (webmail is a well-established transmission vector). Some of the threats come in the form of social network-specific threats (e.g., koobface, fbaction), but many times they’re re-using existing or older threats delivered in a new, hybrid way – exploiting the trust associated with social networks – which has given threats like Zeus a huge boost. If you can’t control the transmission vector, it’s much harder to manage the threat…especially when users click first, and think later.
