Home Career FBI warns that criminal markets are selling credentials to enter universities online

FBI warns that criminal markets are selling credentials to enter universities online


This audio is generated automatically. Please let us know if you have feedback.

Short dive:

  • Late last week, the FBI found credentials to enter colleges and universities that are up for sale in public forums and online crime markets.
  • Disclosure of this information could lead to future cyberattacks against individuals and organizations, the FBI warned. For example, cybercriminals may use this information to try to log in to different Internet sites, taking advantage of users who process the same credentials.
  • The FBI recommends that higher education institutions review and update their cyber-attack response plans. They should also constantly update operating systems and software, train students and faculty to recognize phishing attempts, and require strong and unique passwords for all accounts.

Diving Insight:

Cyber ​​attacks are becoming an increasing problem in colleges and universities that keep confidential data and may not always prioritize the implementation of the latest cybersecurity improvements. In recent years, colleges have fallen victim to cyberattacks paid hundreds of thousands of dollars to regain access to captured servers or had to cancel classes for a few days as they tried to bring back online operations. Some even faced lawsuits for data breaches.

The FBI reported in message of May 26th that he discovered several incidents while advertising stolen higher education documents. In January, Russian cybercrime forums displayed a list of online credentials for American colleges for sale and even uploaded screenshots for some as proof of access. According to the FBI, the credentials were listed for up to several thousand dollars.

Similarly, in May 2021, the FBI found that more than 36,000 combinations of emails and passwords for accounts ending in .edu were available on the public instant messaging platform. And at the end of 2020, the seller in the Dark Web listed about 2,000 unique usernames and passwords for higher education accounts.

If attackers acquire login information and successfully hack into users’ accounts, they may try to deprive them of stored value, sell credit card numbers, sell personal information or engage in fraudulent transactions.

The FBI recommends colleges take a number of measures to prevent such attacks. One of the most effective is to regularly check for software updates and prioritize patch installation to fix known vulnerabilities. Colleges may also implement curricula to help students and staff understand the risks of clicking on suspicious links or email attachments. And agencies need to require multi-factor authentication, especially for accounts that have access to critical systems or email.

In addition, the agency stressed the importance of network segmentation, a security measure that divides the computer network into smaller parts. This helps prevent ransomware attacks that can easily disable the entire network.

Meanwhile, cyberattacks at the college have continued in recent months.

Attacks at least two colleges frustrated the last days their spring deadlines. At one of the Kellogg Community Colleges in Michigan, an attack forced the institution to close all five campuses and cancel classes. At another, the University of Austin Pee in Tennessee, administrators canceled the day of final exams due to a cyber incident.

Source link

Previous articleColleges should support students with long-term COVID (opinion)
Next articleMarshall Ramsey: Census – Mississippi Today