DarkReading confirms what I have pointed out to Bach Seat readers for a while: education people are terrible at IT security. The latest evidence comes from a BitSight report, which concludes that the more bots a company has in-house, the more likely it is to have reported a data breach. The report finds that the education sector harbors the most botnet infections and highlights how bot infections correlate with a higher rate of data breaches.
The DarkReading article says BitSight, a security ratings firm, studied public breach disclosure data between March 2014 and March 2015 across the finance, retail, healthcare, utilities, and education industries. The study concluded that organizations with a botnet grade of B or below had experienced data breaches at a rate of 2.2 times more than organizations with an A grade. The report says there is a correlation between botnet infestations and data breaches: “This does not mean the infections were the cause of the breaches; rather, it means that the infections and breach incidents are correlated.”
The education sector fared poorly. Only 23% of institutions got an A as their botnet grade, and 33% got an F. The main botnets dogging schools and universities:
- Jadtre (59.2%) – Downloads other malware and steals info;
- Flashback (22.1%) – The Java exploit targeting Apple OS X;
- TDSS (8.3%) – Discovered in 2011. It infects the master boot record of the target machine and, among other things, deletes other malware;
- Zeus (6%) – Financial credential-stealing malware; and
- Sality (4.4%) – One of the longest-lived botnets, first discovered in 2003. Sality is considered to be one of the most complex and formidable forms of malware to date.
The report notes Flashback is malware that targets Apple computers by taking advantage of a Java vulnerability. Mac computers are popular among younger generations and educational institutions, intensifying the proliferation of this malware in education. Although the Flashback botnet itself has largely been shut down, the large number of infections that still exist indicates that people are running machines that have not been updated; thus, they are still vulnerable to other forms of infection.
Other industries received better scores than education:
- 74% of Financial Services firms got an A
- 57% of Retailers received an A grade
- 53% of healthcare received an A grade
- 50% of Utilities received an A
The report concludes that organizations with bot-infected machines are more likely to report a data breach. “The implications for organizations across industries are that botnet infections cannot be ignored. Companies with poor botnet grades have been breached far more often than those with good grades, and actions should be taken to mitigate these risks.”
rb-
Been there, done that … EDU people don’t get IT security. They don’t understand how much PII they collect and randomly hang onto. Their systems send data in clear text across the inter-tubes to change schools.
Someone is going to get breached and sued and maybe they will learn.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005.