Exposed – Intel Paper: Common Cyber Threats to Universities

MS-ISAC Intel Paper: Common Cyber Threats to Universities

The following document was obtained from the website of the Missouri Department of Higher Education.

Common Cyber Threats to Universities

Page Count: 10 pages
Date: February 23, 2016
Restriction: For Official Use Only
Originating Organization: Multi-State Information Sharing and Analysis Center
File Type: pdf
File Size: 773,757 bytes
File Hash (SHA-256): 638A6DB7C124E3424BCD2627D2212274029FFAFBE9D93D82FC8BCA4B5676CC89

Download File

(U//FOUO) TLP: AMBER The Risk: The Multi-­State Information Sharing and Analysis Center (MS-­ISAC) assesses with high confidence that cyber threat actors routinely target universities, for the purposes of financial gain, notoriety, or entertainment, and often to gain access to personally identifiable information (PII) and/or sensitive research. MS-­ISAC believes universities are inherently more vulnerable to cyber targeting than other state, local, tribal, and territorial (SLTT) government entities, due to the non-­restrictive research environment with less compartmentalization and less access restriction, which results in more opportunity for infection, and when infection occurs, easier transmission through a network.

• Incident frequency remained relatively consistent in 2015 compared to 2014, but incidents spiked in July and August 2015 as seen in Figure 1. The August spike may be partially caused by the return of students to campus and increased traffic on university networks.
• Nation-­‐state actors pose the gravest threat to universities systems and the greater national security interest. This is due to nation-­‐state actor’s more advanced skill sets and tendency to strategically target universities with developed research programs, or those that are Cleared Defense Contractors (CDC) or Centers for Academic Excellence (CAE), which may contain engineering, health, science or defense research, crucial to the U.S. National Security interest.
• Based on MS-­‐ISAC data, universities are most likely to be targeted via a phishing email, and malware infection is the most likely tactic, technique or procedure (TTP) a university will  experience.

university-cyber-threats university-cyber-threats-2 university-cyber-threats-3