ThreatMetrix on Biggest “Back to School” Cybersecurity Risks
Posted September 2, 2015
Cybercrime Targets Mobile Devices and Other Connected Tech Taking an Expanding Role in Education, Administration and Student Play
It seems like eons ago when the warnings that came with the kick off of a new school year had to do with taking care crossing streets and not forgetting lunch. With technology in virtually every phase of the education experience from instruction to administration — not to mention student leisure activities— there’s a lot more on everyone’s plate to worry about than just remembering lunch.
Andreas Baumhof, ThreatMetrix Chief Technology Officer recently observed:
“Technology is playing an increasingly integral role in education. Students are taking online tests, using mobile devices in the classroom and storing their personal information in the cloud. While the digital classroom concept creates additional learning opportunities for students, it also increases vulnerabilities and opens the door for fraudsters to wage attacks.”
ThreatMetrix outlines top cybercrime risks and trends students and educational institutions should take note of:
- Mobile continues its dynamic growth – The ThreatMetrix Cybercrime Report: Q2 2015 analyzed more than three billion transactions for a summary of activity and discovered that 31 percent of those transactions occurred on mobile devices.
As consumers and educational institutions adopt mobile as an e-commerce and academic tool, the real number is most likely above 50 percent. That means the potential to compromise digital identities on mobile devices is greater than ever before. Students with mobile devices and tablets may not realize that their online sharing activities are putting them at risk of becoming victims of cybercrime. And, using multiple devices (e.g., laptops and smartphones) increases the possibility of students sharing sensitive information and having that private data exposed to cybercriminals.
- Cybercriminals targeting higher education – While many high profile data breaches target retailers, such as Neiman Marcus, Staples and Home Depot, universities are the latest target for fraudsters looking to compromise digital identities. Penn State announced in May the computer systems at its College of Engineering were hit by Chinese hackers in a sophisticated two-year operation. In June Harvard discovered a data breach in the Faculty of Arts and Sciences and Central Administration. These attacks against higher education are indicative of a larger cybercrime trend targeting educational institutions.
In contrast to financial institutions, institutions of higher learning don’t have big budgets to allot to cybersecurity. Naturally, this results in a greater risk of intrusion. If hackers are able to access the vast amounts of personally identifiable information (PII) available on a university’s servers and internal websites, students, alumni and prospects could find their private data compromised. And, compared to financial institutions and retailers, educational institutions possess and store personal information that is much more comprehensive, including students’ financial information, Social Security Numbers and medical histories.
Baumhof points out that educational institutions should look to global shared intelligence to better protect their assets
“School officials need to do their part to make sure that everyone’s private information is safe. Universities should operate under the assumption that their PII has been compromised. Educational institutions, especially those with internal websites, need to leverage global shared intelligence to protect digital identities and ensure they’re not the next data breach victims in the news.”
Detecting attacks against educational institutions with the ThreatMetrix Digital Identity Network
As cybercrime continues to grow across channels and industries, educational institutions have become prime targets. Attacks detected using real-time analysis and global shared intelligence show us that fraudsters are constantly developing sophisticated strategies to compromise digital identities. The ThreatMetrix Digital Identity Network analyzes more than one billion transactions each month and offers the only frictionless cybersecurity solution that combines enhanced mobile identification, location-based authentication, endpoint intelligence, behavior intelligence and real-time trust analytics into a powerful, context-based authentication and fraud prevention solution.