College networks hit with highest incidence of malware infections, firm finds

A cloud security company that probed its network of 50 million worldwide users found that colleges and universities most often fall victim to malware attacks.

San Francisco-based OpenDNS discovered that higher education networks were 300 percent more likely to contain malware than government organizations or business entities that faced the same cyber attacks.

On Wednesday, Dan Hubbard, the company's CTO, told SCMagazine.com that OpenDNS analyzed its network over the last six months, delineating the types of organizations impacted by malware infections.

According to Hubbard, the higher incidence of compromise at educational entities reflects the expansive user base connecting to college and university networks, which often leaves organizations exposed to attacks.

“It's not that they are a target per se, but they are probably more infected because the students don't have proper protection when they are off the campus,” Hubbard said.

Students taking their laptops on and off school grounds and connecting the devices to unsecured Wi-Fi networks, or engaging in other risky online activities, could open school networks to any number of threats, he explained.

During the probe of its network, OpenDNS also found that malware called EXPIRO was the top threat impacting educational organizations.

EXPIRO is delivered to victims via exploit kits, which target users running vulnerable Java plug-ins or Adobe PDF installations.

“It's a file infector and it looks at a bunch of data on your machine, like web history or websites you've visited and the computer name,” Hubbard said of EXPIRO. “It then puts that information in an encrypted file and sends it to the attacker.”

Users are often infected with EXPIRO via drive-by download, he added.

OpenDNS recommended that schools educate users on phishing campaigns used to lure individuals into clicking malicious links or opening attachments containing malware. In addition, the company advised organizations to use predictive analytics solutions to thwart malvertising and watering hole attacks – when saboteurs infect websites frequently visited by their targets.

The network threat posed by a younger user base was also highlighted in a report from Cisco. The “2012 Cisco Connected World Technology Report,” which surveyed online behaviors and attitudes among college students and young workers aged 18 to 30, highlighted organizational threats brought on by a younger generation that routinely takes part in risky online behavior.

The study found that seven out of 10 employees admitted to knowingly breaking IT policies on a regular basis. Furthermore, three out of five young respondents to the Cisco survey believed they were not responsible for protecting corporate information or devices from potential threats.