{"id":76629,"date":"2015-04-21T21:52:10","date_gmt":"2015-04-22T01:52:10","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2022-08-26T13:11:27","modified_gmt":"2022-08-26T17:11:27","slug":"edu-the-most-bot-infested-sector","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/edu-the-most-bot-infested-sector\/","title":{"rendered":"EDU- The Most Bot-Infested Sector"},"content":{"rendered":"<p><em><a href=\"https:\/\/betterlesson.com\/lesson\/477614\/responding-to-literature\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-106267 size-medium\" title=\"EDU- The Most Bot-Infested Sector\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/kid-reading-report-card.jpg?resize=150%2C110&#038;ssl=1\" alt=\"EDU- The Most Bot-Infested Sector\" width=\"150\" height=\"110\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/kid-reading-report-card.jpg?resize=150%2C110&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/kid-reading-report-card.jpg?resize=75%2C55&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/kid-reading-report-card.jpg?w=262&amp;ssl=1 262w\" sizes=\"auto, (max-width: 150px) 100vw, 150px\" \/><\/a><a title=\"DarkReading\" href=\"https:\/\/www.darkreading.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">DarkReading<\/a><\/em> confirms, what I have pointed out to <strong><a title=\"Bach Seat\" href=\"http:\/\/www.rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Bach Seat<\/em><\/a><\/strong> readers for a while, <strong><a title=\"2 of 3 K-12 Networks Breached Multiple Times a Year\" href=\"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/2-of-3-k-12-networks-breached-multiple-times-a-year\/\" target=\"_blank\" rel=\"noopener noreferrer\">education<\/a> <a title=\"Cyber Attacks on Schools Growing\" href=\"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/cyber-attacks-schools-growing\/\" target=\"_blank\" rel=\"noopener noreferrer\">people<\/a> are <a title=\"Cybercrime Stats Say Teachers Susceptible To Phishing Attacks\" href=\"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/cybercrime-stats-say-teachers-susceptible-to-phishing-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">terrible<\/a> at IT\u00a0<a title=\"School Kids\u2019 Data at Risk\" href=\"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/school-kids-data-at-risk-2\/\" target=\"_blank\" rel=\"noopener noreferrer\">security<\/a><\/strong>. The latest <a title=\"Utilities And Education The Most Bot-Infested Sectors\" href=\"https:\/\/web.archive.org\/web\/20210508013443\/https:\/\/www.darkreading.com\/endpoint\/utilities-and-education-the-most-bot-infested-sectors\/d\/d-id\/1319863\" target=\"_blank\" rel=\"noopener noreferrer\">evidence<\/a> comes from a <a title=\"BitSight\" href=\"https:\/\/web.archive.org\/web\/20181218195645\/https:\/\/www.bitsighttech.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">BitSight<\/a> report which concludes that the more bots in-house, the more a company is likely to have reported a <a title=\"Data breach\" href=\"http:\/\/en.wikipedia.org\/wiki\/Data_breach\" target=\"_blank\" rel=\"nofollow noopener wikipedia noreferrer\">data breach<\/a>. The <a title=\"ARE YOU AT RISK FOR A DATA BREACH?\" href=\"https:\/\/web.archive.org\/web\/20181118081048\/https:\/\/info.bitsighttech.com\/insight-report-breach-botnet\" target=\"_blank\" rel=\"noopener noreferrer\">report<\/a> finds that the <strong>education sector harbors the most botnet infections<\/strong>, according to a new study. The study highlights how bot infections correlate with a <strong>higher rate of data breaches<\/strong>.<\/p>\n<p><a href=\"https:\/\/siliconangle.com\/2013\/04\/15\/how-to-sidestep-the-wordpress-botnet-hack\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-106265\" title=\"education sector harbor the most botnet infections\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/super-bnet.jpg?resize=139%2C100&#038;ssl=1\" alt=\"education sector harbor the most botnet infections\" width=\"139\" height=\"100\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/super-bnet.jpg?resize=150%2C108&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/super-bnet.jpg?resize=75%2C54&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/super-bnet.jpg?w=300&amp;ssl=1 300w\" sizes=\"auto, (max-width: 139px) 100vw, 139px\" \/><\/a>The <em>DarkReading<\/em> article says BitSight, a security ratings firm, studied public breach disclosure data between March 2014 and March 2015 across the finance, retail, healthcare, utilities, and education industries. The study concluded that organizations with a botnet grade of B or below had <strong>experienced data breaches at a rate of 2.2 times more<\/strong> than organizations with an A grade. The report says there is a correlation between botnet infestations and data breaches; &#8220;<em>This does not mean the infections were the cause of the breaches; rather, it means that the infections and breach incidents are correlated.<\/em>\u201d<\/p>\n<p>The education sector fared poorly. Only 23% of institutions got an A as their botnet grade, and 33% get an F. The main botnets dogging schools and universities:<\/p>\n<ul>\n<li><strong><a title=\"Jadtre\" href=\"http:\/\/www.microsoft.com\/security\/portal\/threat\/encyclopedia\/entry.aspx?Name=TrojanDropper:Win32\/Jadtre.B\" target=\"_blank\" rel=\"noopener noreferrer\">Jadtre<\/a> <\/strong>(59.2%) &#8211; Downloads other malware and steals info;<\/li>\n<li><strong><a title=\"More than 600,000 Macs infected with Flashback botnet\" href=\"http:\/\/www.cnet.com\/news\/more-than-600000-macs-infected-with-flashback-botnet\/\" target=\"_blank\" rel=\"noopener noreferrer\">Flashback<\/a><\/strong> (22.1%) &#8211; The <a title=\"Java\" href=\"http:\/\/maps.google.com\/maps?ll=-7.49166666667,110.004444444&amp;spn=0.1,0.1&amp;q=-7.49166666667,110.004444444 (Java)&amp;t=h\" target=\"_blank\" rel=\"geolocation nofollow noopener noreferrer\">Java<\/a> exploit targeting <a title=\"OS X\" href=\"http:\/\/www.apple.com\/osx\" target=\"_blank\" rel=\"homepage nofollow noopener noreferrer\">Apple OS X<\/a>;<\/li>\n<li><strong> <a title=\"TDSS\" href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/malware\/tdss\" target=\"_blank\" rel=\"noopener noreferrer\">TDSS<\/a><\/strong> (8.3%) &#8211; Discovered in 2011\u00a0It infects the <a title=\"Master boot record\" href=\"https:\/\/en.wikipedia.org\/wiki\/Master_boot_record\" target=\"_blank\" rel=\"noopener noreferrer\">master boot record<\/a> of the target machine among other things it deletes other malware;<\/li>\n<li><strong><a title=\"Zeus\" href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/malware\/zeus\" target=\"_blank\" rel=\"noopener noreferrer\">Zeus<\/a><\/strong> (6%) &#8211; Financial credential-stealing malware, and<\/li>\n<li><a title=\"Sality\" href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/malware\/sality\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Sality<\/strong><\/a> (4.4%) One of the longest-lived botnets. It was first discovered in 2003. Sality is considered to be one of the most complex and formidable forms of malware to date.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/web.archive.org\/web\/20150330064132\/http:\/\/eu.montana.edu:80\/online\/top\/shortcourse\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-106269 size-medium\" title=\"Ed Tech\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/laptop_books.jpg?resize=150%2C92&#038;ssl=1\" alt=\"Ed Tech\" width=\"150\" height=\"92\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/laptop_books.jpg?resize=150%2C92&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/laptop_books.jpg?resize=75%2C46&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/laptop_books.jpg?w=265&amp;ssl=1 265w\" sizes=\"auto, (max-width: 150px) 100vw, 150px\" \/><\/a>The report notes\u00a0Flashback is malware that targets Apple computers by taking advantage of a Java vulnerability. Mac computers are popular among younger generations and educational institutions, intensifying the proliferation of this malware in education. Although the <a title=\"Trojan BackDoor.Flashback\" href=\"http:\/\/en.wikipedia.org\/wiki\/Trojan_BackDoor.Flashback\" target=\"_blank\" rel=\"nofollow noopener wikipedia noreferrer\">Flashback botnet<\/a> itself has largely been shut down, the large number of infections that still exist indicates that people are running machines that have not been updated; thus, they are still vulnerable to other forms of infection.<\/p>\n<p>Other industries received better scores better than Education.<br \/>\n\u2022\u00a074% of Financial Services firms got an A<br \/>\n\u2022\u00a057% of Retailers receive an A grade<br \/>\n\u2022 53% of healthcare received an A grade<br \/>\n\u2022 50% of Utilities received an A<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-106271\" title=\"there is a correlation between botnet infestations and data breaches\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/data_breach_firewall.jpg?resize=134%2C100&#038;ssl=1\" alt=\"there is a correlation between botnet infestations and data breaches\" width=\"134\" height=\"100\" srcset=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/data_breach_firewall.jpg?resize=150%2C112&amp;ssl=1 150w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/data_breach_firewall.jpg?resize=75%2C56&amp;ssl=1 75w, https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/data_breach_firewall.jpg?w=600&amp;ssl=1 600w\" sizes=\"auto, (max-width: 134px) 100vw, 134px\" \/>The report concludes that organizations with bot-infected machines are more likely to report a data breach. &#8220;<em>The implications for organizations across industries are that botnet infections cannot be ignored. Companies with poor botnet grades have been breached far more often than those with good grades, and actions should be taken to mitigate these risks.<\/em>&#8221;<\/p>\n<p><strong><em>rb-<\/em><\/strong><\/p>\n<p><em>Been there done that &#8230; EDU people don&#8217;t get IT security. They don&#8217;t understand how much PII they collect and randomly hang onto. Their systems send data in clear text across the inter-tubes to change schools.<\/em><\/p>\n<p><em>Someone is going to get breached and sued and maybe they will learn.<\/em><\/p>\n<h6>Related articles<\/h6>\n<ul>\n<li><a href=\"http:\/\/www.coloradotech.edu\/resources\/blogs\/october-2012\/cybersecurity_terms\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Trojan Horse, Zombies, and 15 Critical Cybersecurity Terms You Need to Know<\/a> (coloradotech.edu)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><em><a title=\"Ralph Bach\" href=\"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a href=\"https:\/\/www.linkedin.com\/in\/rb48334\/\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Anti-malware firm BitSight says that schools have most bot infections making them 2.2 times more likely for data breach,<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3277,420,101,2428,58,125,2430,2431,128,23,2429,4],"class_list":["post-76629","post","type-post","status-publish","format-standard","hentry","category-security","tag-3277","tag-aapl","tag-apple","tag-bitsight","tag-botnet","tag-data-breach","tag-flashback","tag-jadtre","tag-k12","tag-malware","tag-school","tag-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/76629","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=76629"}],"version-history":[{"count":12,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/76629\/revisions"}],"predecessor-version":[{"id":132108,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/76629\/revisions\/132108"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=76629"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=76629"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=76629"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}