Harvard Seeing Crimson in Chain of School Hacks

Harvard University announced this past Wednesday that it discovered a breach in its Faculty of Arts and Sciences and Central Administration IT networks. The school’s administration admitted that Harvard login credentials (computer and email passwords, including Office 365) may have been exposed. Although there is currently no indication that research or personal data was compromised, students and staff of a total of 8 Harvard schools and organizations have been asked to change their passwords. This is the second incident Harvard has faced in 2015. In April, a website of the Institute of Politics was breached, with pro-Palestinian group AnonGhost claiming responsibility.

 

Before dismissing this incident as just another local breach, we decided to look into event reports in the academic sector over the past year. Surprisingly, we found that educational institutions, and universities in particular, constitute a growing proportion of breach victims. Diving into the reports, we tried to figure out which threats this sector currently faces most often.

 

The segmentation shown in Figure 1 helps clarify the unique challenge of securing a complex IT environment such as the one found on an academic campus. First, notice the high percentage of intrusion incidents: these incidents, mostly resulting in compromised PII (personally identifiable information), add up to over a quarter of all reported security incidents. All in all, these intrusions have led to the exposure of thousands of records containing personal information. Keeping in mind that most (if not all) universities offer online registration and personal application services, we can expect malicious threat actors to continue attempting outsider intrusion campaigns.

Figure 1: Security Incidents at US Universities 2014-2015

 

Our second finding relates to the high percentage of user-based compromise incidents. We observed that unauthorized access, network misconfigurations, and rogue employees together amount to 50% of all incidents. This finding is generally consistent with most public data breach reports published over the past few years, which identify the Insider Threat as the major contributor to risk in large organizations. Given that universities face a constant and steady flow of incoming and outgoing users, the challenge of managing and maintaining access and regulations seems nearly impossible. And yet, it seems that stricter access controls and better codes of conduct can help mitigate these threats.

 

Looking ahead, academic institutions that fail to develop and adapt security solutions to their growing IT needs will continue exposing their faculty and students to malicious actors and rogue insiders. Contact us to learn more about how Fortscale User Behavior Analytics helps organizations mitigate the Insider Threat.

 

Guess the mascot of your favorite breached school