Tuesday, June 7, 2022, 01:12 PM
#edutech #college #work #NFT #education #remotework #onlinelearning #stem #talent #diversity #highered #STEM #blogAn alert issued by the FBI Thursday warns higher education institutions that cybersecurity agents have identified U.S. college and university credentials are being advertised for sale on “dark web” criminal marketplaces and on publicly accessible internet forums.
“As of January 2022, Russian cyber criminal forums offered for sale or posted for public access the network credentials and virtual private network accesses to a multitude of identified U.S.-based universities and colleges across the country, some of which included screenshots as proof of access,” the alert states. “Sites posting credentials for sale typically listed prices varying from a few to multiple thousands of U.S. dollars.”
The agency warned that exposure of usernames and passwords — even if only a portion of the passwords are still accurate — significantly increases the risk to an institution of a brute force credential-stuffing network attack; the FBI also said since users commonly re-use the same credentials across multiple accounts, websites, and services, individual users among the stolen credentials are at greater risk of identity theft and financial losses.
“This exposure of sensitive credential and network access information, especially privileged (or administrative) user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations,” the FBI alert said.
Another example listed by the agency is an incident from a year ago where 36,000 credentials for email accounts ending in .edu were found on a publicly accessible instant messaging platform, which was not named by the FBI.
Cybersecurity experts at Proofpoint in December said they’d identified a dramatic increase in email threats targeting mostly North American universities attempting to steal university login credentials, many of which leverage COVID-19 themes including testing information and the then-new Omicron variant.
In a Proofpoint blog post published Dec. 7, 2021, cybersecurity analysts at the company explained that credential-theft campaigns targeting universities and exploiting COVID-19 themes had ramped up consistently since October 2021. The threats specifically targeting universities went to greath lengths to mimic universities’ legitimate login portals, the cybersecurity firm said. “It is likely this activity will increase in the next two months as colleges and universities provide and require testing for students, faculty, and other workers traveling to and from campus during and after the holiday season, and as the Omicron variant emerges more widely,” Proofpoint experts said.
Preventative Measures the FBI Recommends for Higher Ed Institutions
In its alert, the FBI recommended that all academic entities establish “strong liaison relationships” with their local FBI Field Office, who “can assist with identifying vulnerabilities to academia and mitigating potential threat activity.”
The agency also recommended that academic entities “review and, if needed, update incident response and communication plans that list actions ... if impacted by a cyber incident.”
By Kristal Kuykendall