Company’s Security Labs Releases Threat Research Findings at EDUCAUSE 2013 Conference
ANAHEIM, Calif., EDUCAUSE 2013, Oct. 16, 2013 – OpenDNS, the world’s leading provider of cloud-delivered Web security services, today announced the findings of a research study by its Umbrella Security Labs into cyber-attacks facing colleges and universities. OpenDNS researchers found that higher education networks are 300 percent more likely to contain malware than their enterprise and government counterparts. The study also revealed that EXPIRO targets the higher education sector more often than any other malware family.
The findings were gathered from the OpenDNS network, which spans more than 50 million users across 160 countries. Using Big Data analytics, graph theory and machine learning, OpenDNS has developed predictive security capabilities that enable the Umbrella by OpenDNS service to automatically detect and block upwards of 80 million threat requests per day.
“Our research shows that while higher education institutions face the same cyber-attacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate,” said Dan Hubbard, CTO of OpenDNS and head of Umbrella Security Labs. “Clearly colleges and universities must operate more open networks and support an endless number of access devices which puts them at higher risk; however, by implementing some fundamental security best practices it is possible to significantly reduce and contain the current rate of infections on campuses.”
EXPIRO Does the Most Damage
According to Umbrella Security Labs, the EXPIRO malware is currently the number one threat to universities and colleges. It is typically installed silently when a student or faculty member visits a website that is hosting a Java or Adobe PDF exploit. Once installed, the malware acts as a file infector that steals user and system information. The information it captures is saved in a DLL file and sent to the attackers’ command-and-control infrastructure.
Preventing students and faculty from falling prey to these attacks is more challenging than protecting employees on a corporate network due to the large scale of typical college and university networks. Traditional approaches to cyber-security that are based on deep packet inspection or proxying all network traffic aren’t well suited for these high-bandwidth environments. They often end up creating network bottlenecks, adding latency and introducing points of failure, in addition to raising privacy concerns.
To protect users from visiting malicious sites and block infected devices from phoning home, some of the best practices that colleges and universities can implement include:
• Alerting users when new “spear phishing” campaigns against the institution are detected
• Using predictive analytics to block “malvertising” and “watering hole” Web attacks
• Applying DNS-based enforcement to prevent malware-infected devices from phoning home to botnet operators over non-Web connections
OpenDNS is the world’s leading provider of Internet security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. OpenDNS provides millions of businesses, schools and households with a safer, faster and more intelligent Internet experience by protecting them from malicious Web threats and providing them control over how users navigate the Internet, while dramatically increasing the network’s overall performance and reliability. The company’s cloud-delivered Umbrella security service protects enterprise users from malware, botnets and phishing regardless of location or device. At the heart of all OpenDNS services is the OpenDNS Global Network, the world’s largest Internet-wide security network, securing 50 million active users daily through 20 data centers worldwide. For more information, please visit: www.opendns.com.