As Mobile Adoption and Online Educational Resources Continue to Grow, Now is the Time for a Lesson in Cybersecurity
San Jose, CA – August 13, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the top cyber threats for students and education professionals to look out for in the upcoming 2014-2015 school year. As mobile usage becomes widely accepted at schools and online testing and student data storage become more commonplace, ThreatMetrix urges students and educational institutions to prepare for the associated risks.
“As students of all ages head back to school, they’ll most likely arrive with mobile devices in hand and on top of that many will receive tablets directly from school” said Alisdair Faulkner, chief products officer, ThreatMetrix. “However, increased device usage leads to an immense amount of sensitive information shared online and many students aren’t aware that online and mobile activities expose that information to cybercriminals.”
With the mobile student in mind, ThreatMetrix has outlined the top risks for students to be aware of as we enter the upcoming school year. These include:
- iPhone 6 with Apple E-Wallet – If the rumors are true, the newest iPhone will come equipped with an “e-wallet” that will allow users to pay for goods in-store with nothing more than their phone. This will make the iPhone 6 a much bigger target for cybercriminals – it will not only hold the user’s credit card information, but extensive sensitive information such as passwords and banking info. Students who upgrade to the iPhone 6 will need to take extra care with their devices and keep them close at all times.
- Malicious Links and Apps – Students often download unauthorized apps from third-party sources, many of which can be fraudulent. Downloading fraudulent apps can expose mobile devices to malware and offer cybercriminals easy access to personal information stored on devices. Additionally, students should be aware of malicious links that could expose their devices to malware, such as links offering free textbooks or test answers that could be indicative of a scam. Students should be wary of “too good to be true” links and only click through links and download apps from trusted sources.
- Online Storage – Many students store not only their schoolwork and assignments with companies such as Dropbox, they also use it for sharing photos and videos. Students must make sure to use a sufficiently complex password unique for that site to avoid cyber hacking and compromised information becoming public.
- Public Wi-Fi Networks –With public Wi-Fi widely available these days, many students will choose to complete their work in coffee houses or libraries over public networks – but those networks are only as secure as their weakest link. Students should avoid online banking activities and accessing other sensitive information over public networks, such as student portals with their tuition information.
- Jailbroken Devices – Tech savvy students want access to the most personalized features, often prompting them to jailbreak their smartphones or even their school-provided tablets, which means deactivating the device’s security to download unauthorized applications and customized features. However, jailbreaking devices comes with consequences that students often ignore, such as downloading malicious apps that can infect their devices with malware. Educational institutions can also be threatened if students are accessing their online educational portals with jailbroken devices that could be infected with malware. They should consider implementing a platform that can detect jailbroken devices to protect data stored in their online portals, such as student identity and tuition information, as well as denying access to the portal for students using jailbroken devices, deterring students from doing so.
“While many of the security risks associated with going back to school this year fall onto students, educational institutions must also take steps to protect students from threats beyond their personal devices and activities,” said Faulkner. “Schools are incredibly concerned with their students’ success and well-being, but often don’t see how that translates to their online activities. Unfortunately, if a cybercriminal accesses a student’s information through an educational institution’s online portal, the results of that can be catastrophic to that student and their future.”
As schools shift everything from administering tests, lesson plans and student data online, they must ensure that none of this information can be accessed by cybercriminals. Educational institutions should be on the lookout for risks associated with:
- Online Student Data –In February, the University of Maryland was the target of a sophisticated attack that exposed the sensitive information (including names and Social Security numbers) of more than 200,000 students who enrolled at the university between 1998 and 2014. As one of the largest sources of debt in the country, U.S. colleges and universities are a massive target for cybercriminals. Because of this, schools must take measures, such as implementing advanced fraud prevention and context-based authentication to differentiate between legitimate students and potential cybercriminals to ensure their online student records are secure. If students’ identities are compromised through their school records, it can have an impact that follows them throughout their lives.
- Online Test Delivery – In addition to keeping student data secure, determining whether or not students are who they claim to be when administering tests and lessons online can be very difficult for educational institutions. Schools should consider implementing a security solution that uses contextual factors beyond IP addresses and cookies to determine whether a student is who they claim to be to deter cheating or sabotage associated with online testing.
- Bring-Your-Own-Device (BYOD) – As BYOD becomes more accepted in the workplace, it is also more accepted at schools, especially universities. Many students bring their laptops and tablets from home to take notes in class, take tests online and access their school’s online portal for lesson plans and activities. Educational institutions should be sure they are implementing secure BYOD policies, such as monitoring logins in real-time and ensuring no one is accessing data that should not be available to them.
This year, students will head back to school with all of their devices – mobile devices (perhaps even the new iPhone 6), tablets and laptops – within arms-reach. Staying one step ahead of the many risks associated with their school-related activities through added security measures is the first step in students staying protected. Educational institutions should also consider the assistance of a third-party solution to screen for suspicious online activities, such as the ThreatMetrix™ Global Trust Intelligence Network, which leverages data from a collective global network for real-time threat intelligence.
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Join the cybersecurity conversation by visiting the ThreatMetrix blog, Facebook, LinkedIn and Twitter pages.
© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.