A recent security analysis of cyber-attacks against universities and colleges in the UK has discovered that staff or students could be responsible. Dr Guy Bunker, SVP of Products at data security company Clearswift, comments below. Guy reveals why the insider is a major threat to organisations and what universities and similar bodies can do to mitigate the risk, including promoting cybersecurity as a career choice.
Dr Guy Bunker, SVP of Products at Clearswift:
“There are a number of alternative scenarios to be considered here too. It could be that an external cyber-criminal has gained access to legitimate credentials – such as usernames or passwords – in order to launch an attack inside. In this case, monitoring then needs to extend to the time/day of logins as well. Going about an attack in this way, there is a considerable amount of information that can be gathered, which then creates the resource issue for the university of correlating and then analysing data to figure out what to do next. It could also be that student devices, laptops, smart phones, tablets, can also become infected with malware because of IoT and cause issues when connecting to the network. This reiterates why the need for a segregated network for ‘uncontrolled’ devices is essential. It also becomes even more important to put strong defences around research which could be targeted by external cyber-criminals.
“We are short of cyber security experts in the UK (and across Europe and the world), so it would be ideal if the internal students who are doing these things could be encouraged to put their skills to better use and potentially a career in cybersecurity. There are a number of great national initiatives, such as the Cyber Security Challenge, but it is also possible for universities to arrange local events, hackathons, etc. to encourage participation. Educating people on how to cyber-attack an academic network is a bad idea – but encouraging people with the skills to become ‘white hats’ is a way to start to close the skills gap. For those who are truly being malicious, there is a need to find them and take appropriate actions, but this isn’t easy. Putting in place appropriate monitoring will help, but perhaps an amnesty with a constructive programme of education and training might work better in this instance for the majority.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.