3 cybersecurity threats to universities and how they could be addressed
EARLIER this week, four major Singapore universities said they were victims of cyber attacks, highlighting the need for Southeast Asian tertiary institutions to ramp up preventative measures.
On Tuesday, the Cyber Security Agency of Singapore (CSA) and Ministry of Education (MOE) issued a joint statement saying they received information about the breaches affecting at least 52 online accounts last week. The affected institutions include the Nanyang Technological University (NTU), National University of Singapore (NUS), Singapore Management University and the Singapore University of Technology and Design.
Based on investigations, the incident was a phishing attack where unsuspecting users were directed to a credential harvesting website, according to Channel News Asia.
The CSA and MOE said the credentials were then used to gain unauthorized access to the institutes’ library website to obtain research articles published by staff. The authorities said fortunately, no sensitive information was leaked, and as it stands, the incident did not appear to be linked to other attacks last year.
Joanne Wong, Senior Regional Director for Asia Pacific & Japan at American security intelligence company LogRhythm, said phishing is one of the oldest tricks in the book for hackers and continues to be very effective.
“Once credentials are obtained, it can be very difficult to detect such a breach because they are logging in as the user,” Wong said in a statement to Tech Wire Asia.
“It goes to show that the only way to minimize the damage done when breached is to employ artificial intelligence that will learn and detect anomalies in user behavior.”
In this case, Wong said security solutions that constantly patrol the system can detect if a user is downloading research papers in high volume or accessing papers they don’t usually look at.
2017 turned out to be a notorious year for the dark world of ransomware with CryptoLocker, GoldenEye, and WannaCry among a few examples of cyber attacks that cost global businesses an estimated US$1 billion in the span of one year.
Cybercriminals are seeing many opportunities to make quick money via such means. To many, the appeal of ransomware is that unlike other forms of cyberattacks, it can be quickly and simply deployed with a higher likelihood of profit, as the malicious software holds or threatens to reveal data until ransom is paid.
And for universities, a successful attack could mean that important files and documents could be left at the mercy of the cybercriminals.
Last year the Federal Bureau of Investigation (FBI) arrested a former University of Iowa wrestler who hacked into the school’s system on many occasions to obtain advanced copies of exams and change grades for himself and fellow peers.
The 22-year-old student was found to have changed the grades over a 21-month period in a scheme which lasted from March 2015 until December 2016.
The scheme involved installing devices called keyloggers in university classrooms and labs that enabled him to see what his lecturers typed, including their passwords, allowing him to gain access to grading and email systems.
The former student allegedly sneaked into classrooms to install and retrieve keyloggers, which costs some US$50 in the market.
The student’s alleged activities went unnoticed until an instructor reported to campus IT security officials that his grades had been changed without her authorization.
The discovery led to an off-campus search of his Iowa city apartment where authorities seized keyloggers, cellphones and thumb drives that allegedly contained some copies of intercepted exams.
Since passwords are one of the biggest points of vulnerability, one of the simplest yet most effective way to ward off attacks is simply to create strong passwords which you change often.
Employing a virtual private network (VPN) allows universities to encrypt their network, ensuring they have no outside forces spying in.
There are many free but legal and professional-quality antivirus software available for individuals, such as Malwarebytes and AVG Technologies.
In order to keep up the best practices of cybersecurity, each member of staff should be educated on new updates and the importance of habits such as regularly changing passwords, and knowing how to spot things such as phishing emails.
A firewall alone will not protect universities from every threat, but it is an added layer of protection that they should not be without.
Older hardware poses much greater security risks due to older software. If possible, the universities should ensure they upgrade hardware routinely every few years.