The intensification of cyberattacks against universities and colleges means institutions need more than just clever passwords and the latest antivirus software to protect themselves from today’s more powerful hackers.
There are a wide variety of products that can automatically control who’s using a network, determine what kind of security their devices have, and even fool hackers into thinking they have successfully infiltrated a computer system.
“Why do cybercriminals go after these institutions? Because there is money to be made doing it,” says Bill Cunningham, vice president of enterprise sales at Kapersky Labs. “The idea that you can spend X this year and not have to spend any money again for three or four years is not reality.”
Kapersky Labs each day identifies 200,000 new malicious programs targeted toward software. Its database of malware is used to protect networks even before software providers distribute security updates, Cunningham says.
Larger universities have to manage multiple computer networks, often run by different departments and off-campus facilities, such as medical centers and research institutes. ForeScout Technologies has a solution that can identify the security vulnerabilities of any device connected to an institution’s network and provide upgrades, says Scott Gordon, the company’s chief marketing officer.
TrendMicro’s software can fend off hacking attempts by creating virtual desktops and networks. For instance, students or faculty could access a virtual server from an iPad and do work without making any changes to the main network, says JD Sherry, vice president of technology and solutions. This would prevent those users from inadvertently transferring any viruses that may have infected their machines.
These virtual machines also can trick hackers into thinking they have successfully infiltrated a network. Once a hacker is trapped in what TrendMicro calls a “virtual sandbox,” intelligence can be collected about the hackers’ methods.
“The virtual servers look and smell like a real server but they’re quarantined,” Sherry says. “You can truly see what hackers are trying to do like it’s a real live hacking event. Hackers don’t know they’re being watched, they don’t know they’re being analyzed.”
A company called Druva has created a “rule-based engine” that can be installed on laptops, tablets, and phones of faculty and staff that only lets them into specific parts of a network.
Druva also is working on technology that can tag documents with small pieces of information that control who can access it and also collect information about who is using it. It also could prevent the document being opened by someone who shouldn’t have access.
Aside from hackers, indiscriminate web surfing by campus users can pose a threat to colleges and universities intending to follow federal internet privacy laws, says Jacob Thankachen, vice president of sales and operations for Cyberoam Americas.
Cyberoam’s software can prevent users from accessing pornography sites and downloading music illegally, among other risky activities.
“With the growing ubiquity of the internet, the proliferation of always-connected smart devices, and the explosion of apps in academic networks, the security threats [higher education institutions] face are likely to get worse and the number of advanced targeted attacks is also likely to soar this year and beyond,” he adds.