校园网络安全勒索软件

格雷格Kovich

2022年5月9日

Employing strategies to reduce campus cybersecurity threats can help limit nefarious actor access and reduce your exposure.

早在“民族国家黑客”这个词出现之前, 教育火狐体育手机一直是机会主义网络威胁的目标. 根据最近的 Verizon数据泄露报告, these attacks have moved from executing annoying denial of services and access to sensitive information, 到被经济利益所驱使, most often from criminal hackers who ransom the institution’s or district’s encrypted data. 这种性质的攻击可能会使运营中断数月, 并拿走项目和教育任务急需的资金. 幸运的是，有一些策略可以减少你的威胁面积.

在分析攻击者如何进入教育网络时, Verizon的报告将“社会工程”(46%)确定为最主要的向量. 其次是“杂项错误”和“系统入侵”(各占20%)。. Social Engineering was exploited using ‘pretexting’ mainly for fraudulent payments or transfer of funds, 和钓鱼, which tries to acquire credentials or access to the system w在这里 malware can be installed. Miscellaneous Errors were due to misconfiguration of servers without proper access controls. And System Intrusion was all about hacking and malware using credentials that had been exposed on the Dark Web and never changed or acquired through Social Engineering.

有了这些知识, following are four strategies we’ve come up with that can be employed to help limit access or exposure.

1. 培训: 而十月份被指定为网络安全意识月, 勤奋不应止步于此. 教育学生, 教师, 工作人员, 关于如何识别网络钓鱼的管理非常有效. 然而, further training should be available for those who continue to get ‘fooled’ by increasingly sophisticated and professional emails. 除了网络钓鱼培训, employees responsible for handling payments or the transfer of funds need to have special training on financially targeted attacks. 也, an audit should be undertaken of the workflow and credentials needed in order to transfer funds. Speaking of workflow — with misconfiguration of servers ranked second highest in terms of attack surface — implementing the correct access controls must be a top priority for data centre operations engineers and research IT teams.

2. 多因素认证(MFA): MFA正在成为网络安全保险公司的标准要求. 几乎每个人在访问在线帐户时都使用过MFA, 对大学和学区来说也是如此, 您的Microsoft®或Google许可应包含此功能. For more advanced MFA features like conditional access, you may have to pay for additional licensing.  使用MFA为坏人制造了一个必须跨越的额外障碍. 最终用户很幸运, 智能手机和平板电脑的普及使得最终用户很容易实现这一目标.

3. 特权: 在很多情况下, once you authenticate to the network you are placed in a VLAN and the expectation is the firewall will protect against unauthorised access. This construct is problematic and should be replaced with micro-segmentation strategies that permit the user to access all the content and resources needed for their role, 再也没有了. Similar to how a cruise ship is compartmentalised so that a hull breach doesn’t fill the entire ship with water, 对用户进行微分割可以限制因帐户受损而造成的损害. Implementing unified network policies that apply micro-segmentation rules to the user whether their access is from campus Wi-Fi, 以太网, 或VPN, 会减轻网络管理负担吗.

4. 安全体系结构: 传统上, a defense-in-depth architecture is the most popular paradigm for protecting digital assets. 的 ‘Castle-and-Moat’ design is w在这里 everyone in the ‘Castle’ is considered ‘trusted’ and those outside are kept outside by the ‘Moat’ which could include firewalls, vpn, 以及其他技术. 不幸的是, 随着网络钓鱼的兴起和成熟, 这些值得信任的人实际上可能是不情愿的威胁载体. 另一个重新引起讨论和流行的架构是“零信任”。. 的 United States National Institute of Standards and Technology (NIST) has published several documents on 零信任 以及如何实现它. 零信任架构与之前关于特权和访问的建议一致, and at its root is about verifying the need of a device or user to access resources or network segments.

您可能想要查看的其他资源

T在这里 are many resources available to educators within their communities and from the organisations that support them. EDUCAUSE is one example of a nonprofit association whose mission is to advance higher education using information technology. This association has community groups that enable peer-to-peer conversations about cybersecurity, 网络管理, 隐私和无线网络. 该组织为教育工作者提供如何订阅免费服务的信息, 非营利组织, 政府)呼吁 Dorkbot 哪些可以帮助识别web应用程序中的高风险漏洞.

另一个有价值的资源是 科研与教育网络信息共享与分析中心 (REN-ISAC) which serves more than 650 member institutions within the higher education and research community by promoting cybersecurity operational protections and response.

的 澳大拉西亚大学信息技术主任委员会 (CAUDIT)是另一个为教育工作者提供领导力的组织. 的ir reference model for higher education is a valuable document to consider when undertaking a digital transformation. 另外, their cybersecurity initiative helps members adopt appropriate risk profiles and counter ever-increasing cybersecurity threats, 这样做的时候, 帮助保护澳大拉西亚大学的知识产权和声誉.

For more information on this topic stay tuned for my upcoming whitepaper which will share insights into how Alcatel-Lucent Enterprise can be part of your defense-in-depth security plans. 它将专注于在网络边缘启用零信任架构, 包括物联网(物联网)设备, 客人, 和BYOD.