The cybersecurity firm has found some 600,000 email addresses associated with Oxford and Cambridge Universities on the darknet.
A study by RepKnight, a cybersecurity firm, found more than 600,000 email addresses on a dark network associated with Cambridge or Oxford universities. About 400,000 addresses are in Cambridge.
Earlier, on the darknet, there was a trend of selling the so-called grade sheets, thanks to which you can get a university degree. However, it is not known to what extent this option is working and whether it is really possible to provide these sheets as evidence of training in the above educational institutions. (Pavluu's note - extremely doubtful, nevertheless, the sale of such goods was really popular) This trend found its development in the sale of mail accounts.
By the way, last year, a report from the Digital Citizens Alliance found up to 14 million email addresses associated with 300 US universities listed for sale on the dark web. Emails received from educational institutions pose a significant cybersecurity threat as they can be used to launch widespread phishing campaigns or spread misinformation about educational institutions. The credibility of such emails is usually higher, so this is a significant advantage for scammers.
Research results
According to the RepKnight report, the study was conducted using a list of email addresses for each college, faculty, and administrative department at the associated universities. The researchers used a darknet web monitoring tool called BreachAlert.The study found that more than half of the "Oxford degrees" awarded were college-specific, while 97% of "Cambridge degrees" were offered by faculty or university staff. Further analysis of 24 of the UK's leading universities resulted in nearly 5 million listings for sale, as well as 600,000 email addresses for students, staff and others involved in the educational process.
Why is it dangerous? The fact is that educational institutions collect an impressive amount of data about students, and if you compromise this data, you can make a good profit on their sale on the darknet. There are quite a few holes in the information security of most universities, since, as a rule, access to university information is made as simple as possible for students. Hence, various vulnerabilities are born that lead to such leaks.
How can these data leaks be prevented?
According to a report released by Gemalto, a digital technology and cybersecurity firm, there were 918 cases in the first half of 2017 that spawned vulnerabilities that resulted in 1.9 billion compromised data records.Data theft is the most popular cybercrime and accounts for 70-75% of all online crimes. The education sector is seeing an increase in potential vulnerabilities (+ 103% per year) and a + 4000% increase in compromised data. This suggests that criminals are well aware of the weaknesses of university cybersecurity and are actively exploiting them.
So what measures should higher education institutions take to prevent this from happening?
- Use systems in which, in order to log in, you need to use not only a username and password (for example, a code word, a digital code from an SMS, etc.)
- The system must use the location, time and device data that is used for login attempts to decide whether to allow or deny access.
- The system should be configured to prevent simultaneous logins, that is, the student should be limited to one session at any given time. This helps prevent an attacker from logging in at the same time as the authentic student. In the event of a violation, students can be held accountable by checking their login history.
- Another way is to restrict access to student credentials. Students should only be allowed access to certain levels of the network, that is, they have limited access to confidential information. This can help keep the network secure as institutions have more control.
Conclusion
In addition, educational institutions should have the appropriate software and tools to monitor network traffic to help detect malicious activity. Traffic should be scanned regularly, and it is also worth stopping the use of unofficial software on university computers.Human factors also contribute significantly to data breaches and therefore all parties involved must take special care in ensuring that they do not knowingly or unknowingly disclose confidential information.
The dark web will always provide marketplaces through which cybercriminals can sell and buy credentials. Everyone should check to see if their passport, ID card, or anything else is there.
