With education-related cyber-security threats expected to rise in 2010, WatchGuard is predicting the top threats facing schools, colleges and universities.
Top threats include:
The number one threat to school and university networks is social networks, such as Facebook and MySpace. Unfortunately, social networks act as an ideal platform to launch a myriad of attacks against students and departments, including spam, viruses, malware, phishing and more. Adding to this, socially engineered attacks are often extremely successful due to the “trusted” environment that social networks create.
As students and teachers use the web for education purposes, many unwittingly expose themselves to drive-by downloads or corrupted websites, which inject malicious forms of software on their computers. Once infected, they risk becoming victims of identity theft or loss of personal information via spyware and keyloggers.
Today, email remains one of the primary ways for delivering viruses. Recent surveys suggest that 27 percent of users fail to keep their antivirus signatures which may, in any case, be unable to up stop the new generation of viruses with polymorphic properties.
It has been estimated that 15 to 20 percent of all school and university computers connected to the Internet may be part of a botnet. As part of a botnet, school and university systems may be used in a variety of unknown exploits, including spam delivery, denial of service attacks, click-fraud, identity theft and more.
Phishing scams continue to get more sophisticated and selective, with students being specifically targeted. A recent report states that phishing attacks via social networks achieve a success rate of over 70 percent.
In a recent survey of education IT professionals, 23 percent ranked student hackers as one of their greatest threats to network security.
Usage of mobile devices and wireless access to education IT resources continues to plague network administrators. As use of mobile devices escalates, schools will face increasing challenges in managing authorized network access.