There is no doubt that technology is permeating nearly every facet of daily life. From work to travel to home, there are applications or IT components that streamline many processes and give users access to new resources. This is true within the educational sector as well, as more schools from elementary to universities provide connected devices or network access to students. However, the current environment is also creating security risks, which can be mitigated through the use of a layered security approaching including Faronics’ Deep Freeze solutions.
School networks targeted by malware
A security lab recently discovered that higher education networks are hit by malware infections more often than enterprises and government agencies. With an increased number of users connecting to Internet resources at colleges and universities across the country, this is not very surprising that these networks experience a higher percentage of cyberattacks. What is a bit shocking, however, is that data shows that these Web systems are 300 percent more likely to contain malware than any other arrangement in the commercial or public sector.
“That [percentage] was somewhat of a surprise to us,” said security expert Dan Hubbard. “You always hear about universities being more open than regular corporations and organizations. but these numbers were a little higher than we expected.”
One of the main samples infecting these networks is EXPIRO, which has been infiltrating files since 2010. The malware usually infects local, removable and network drives, installing malicious Chrome and Firefox extensions to spread its reach. Furthermore, this attack also steals passwords and stored certificates from Internet Explorer, Microsoft Outlook and FileZilla, posing a major risk to network security and individual users. Hubbard said this infection can also steal usernames and information about Web history. Once the information is obtained, it is placed in a DLL and communicated to the command and control server guarded by encryption.
“It’s hard to tell what [attackers] are after,” Hubbard said. “There are multiple variants of EXPIRO.”
School laptop infection puts medical records at risk
In addition to the overall network being at risk of infection, if individual devices connecting to it contain malware, it can put sensitive information at risk. Such a case occurred recently at Barry University in Miami, when the organization had to alert patients of the school’s Foot and Ankle Institute that personal information may have been compromised.
Although patients received notification at the end of December last year, the security breach was first detected back in May. An investigation showed that patient data was compromised due to malware on a school laptop that accessed the institution’s private computer systems. A case of this kind illustrates the need for network level, and device level protection against malware. Schools can achieve this protection by leveraging Faronics’ Deep Freeze solutions. This technology can protect servers supporting the network as well as individual workstations and mobile devices. Furthermore, this type of protection can prevent sensitive information from being lost due to a malware infection.
Tips for boosted school security
In addition to installing security software on servers and encouraging students to do so on their devices, educational institutions can also prompt users to update their programs on a regular basis. Keeping these systems up to date can prevent attackers from exploiting known vulnerabilities and infecting machines.
In addition, schools with fixed workstations or those that provide devices for student use can set up limited access accounts to prevent users from creating security risks. This practice can also include utilizing an application whitelist, where students can only utilize pre approved programs on the list. This kind of strategy can ensure that students aren’t accessing inappropriate or unsafe materials that could infect school hardware.