Compromised Credentials

While most schools recess for summer vacation in July and August, hackers are in session full time trying to break into systems to steal personally identifiable information and possibly re-route automatic deposits for paychecks, financial aid and the like.

Fake messages look very simple and the return addresses seem legitimate because they often identify with the institutional norm.

Duke is especially busy, with several attacks posing as webinar offers, maintenance alerts, upgrade notifications, mail box quota notices, suspicious account activity warnings, virus alerts, important salary updates, school paper publication notices, and more.

Other attacks on educational institutions this summer include:

University of Illinois July 5, 2014 (You got a raise!!)

University of Illinois Urbana-Champaign


Vanderbilt July 10, 2014

A “specific and significant” phishing attack targeted certain high-earners, so VUIT added an [External] tag to subject lines of emails sent from outside the network in an effort to notify users that an email is not part of an internal string. Several colleagues had already disclosed credentials, and there is no word yet of the extent of the damage.

Fun breach facts:

  • 100% of all breaches worldwide were made using valid credentials.
  • It still takes an average of 229 days, or half a year to detect that something has gone wrong.
  • 67% of intrusions in 2013 were not detected until reported by a third party.
  • Phishing through email remains the most effective way to gain access.

The exploitation of trusting people is the most common and effective way for hackers to invade your network.   That is why the most powerful defense against hackers is a security system that can detect the intent of a website or email message before it compromises any device that accesses your network. Call EdgeWave at 1-800-782-3762 for a conversation with a security expert who can help you protect your people and your network from exploitation.