Dark Reading reports that universities are 300% more likely to have malware on their networks than their commercial and public sector counterparts. Given the lack of standards or hard-to-enforce standards for many of the users on campus networks, this is not a huge surprise. The academic culture of share-share-share (with some exceptions) can also contribute to this high malware prevalence. For many students and faculty, complying with a directive or guidance can be synonymous to bending down before The Man.
The Expiro family of malware is particularly prevalent in higher education. The Expiro family of malware:
- infects drives of all types — local, portable, network
- installs malicious extensions to Chrome and FireFox browsers
- attacks via web site visit “drive-bys”
- activity includes copying/stealing user names, passwords, and web histories
I don’t see top down authoritative approaches to ever to enhance security on campus. It just won’t fly. But that doesn’t mean don’t bother either. Core efforts to enhance security on campus need to include a robustly managed wired and wireless network backbone (what’s behind the wall), a lot of trust building effort with students, faculty, and staff, and a lot of education and accessible (easy to implement) guidance. This requires time and staffing (ie $$), but it is the best opportunity to tame higher ed malware rates.
[Image: Clkr.com]