Category Archives: data

How much organizations are investing in analytics and why

Despite 94% of organizations believing data and analytics is important to their digital transformation and business growth, most are not enabling a data-driven culture, according to MicroStrategy.

Data-deprived employees

Compared to executives and management employees, front-line employees are data-deprived and have the least access to data and analytics. The contrast between the data-privileged and the data-deprived is most pronounced in the financial services industry, with just 11% of front-line employees getting access to analytics reports. …

The post How much organizations are investing in analytics and why appeared first on Help Net Security.

AI and ML will become important for how organizations run their digital systems

Global organizations are making significant progress with digital transformation projects despite obstacles. However, technology leaders are finding that running their digitally transformed organizations is challenging, and they are under increased pressure to prove business value. New Relic and Vanson Bourne surveyed 750 global senior IT decision makers of enterprises with 500 to 5,000-plus employees in Australia, France, Germany, U.K., and the U.S. Key findings from the survey include: 1 in 2 tech leaders are challenged …

The post AI and ML will become important for how organizations run their digital systems appeared first on Help Net Security.

Security still top priority as more enterprises scale IoT solutions company-wide

A record 61 percent of enterprises worldwide are on the path to becoming “intelligent,” compared to only 49 percent in 2018. The Zebra Technologies Corporation global survey analyzes the extent to which companies connect the physical and digital worlds to drive innovation through real-time guidance, data-powered environments and collaborative mobile workflows. Their “Intelligent Enterprise” Index scores are calculated using 11 criteria that include Internet of Things (IoT) vision, adoption, data management, intelligent analysis and more. …

The post Security still top priority as more enterprises scale IoT solutions company-wide appeared first on Help Net Security.

Do digital architects have the tools to make the most of transformative technologies?

Digital architects are struggling to satisfy their organizations’ digital transformation ambitions, research from Couchbase has found. In a survey of 450 heads of digital transformation responsible for managing data architecture at enterprises across the U.S., U.K., France and Germany, 85 percent of respondents were under pressure to deliver digital projects – with 41 percent experiencing “high” or “extremely high” pressure. This is not helped by the apparent scale of the challenge facing architects. Sixty eight …

The post Do digital architects have the tools to make the most of transformative technologies? appeared first on Help Net Security.

Running the last mile in analytics

A recent report by McKinsey noted that 40,000 exabytes of data will be collected worldwide in 2020. If just five exabytes is equal to all the words ever spoken by mankind, it’s not an understatement to suggest there is a prodigious amount of material for a data scientist to process to glean insights. To tackle…

DevSecOps role expansion has changed how companies address their security posture

While organizations shift their applications to microservices environments, the responsibility for securing these environments shifts as well, Radware reveals. The rapid expansion of the Development Security Operations (DevSecOps) role has changed how companies address their security posture, with approximately 70% of survey respondents stating that the CISO was not the top influencer in deciding on security software policy, tools and/or implementation. This shift has likely exposed companies to a broader range of security risks …

The post DevSecOps role expansion has changed how companies address their security posture appeared first on Help Net Security.

Security capabilities are lagging behind cloud adoption

Security professionals regard their existing tools as inadequate for securing critical cloud data, even as their organizations invest heavily, with increasing speed, in cloud applications, according to ESG. The report, based on surveys with responses ranging from approximately 392-600 senior IT decision makers and cyber security professionals, reveals that cloud-first strategies are becoming more common, with 39 percent of respondents from cloud-first organizations saying that they only consider on-premises if someone makes a compelling business case …

The post Security capabilities are lagging behind cloud adoption appeared first on Help Net Security.

Only 15% of organizations can recover from a severe data loss within an hour

There’s a global concern about the business impact and risk from rampant and unrestricted data growth, StorageCraft research reveals. It also shows that the IT infrastructures of many organizations are struggling, often failing, to deliver business continuity in the event of severe data outages. A total of 709 qualified individuals completed the research study. All participants had budget or technical decision-making responsibility for data management, data protection, and storage solutions at a company with 100-2,500 …

The post Only 15% of organizations can recover from a severe data loss within an hour appeared first on Help Net Security.

District in Rockford Public Schools Confirms Ransomware Attack

A district within the Rockford Public Schools (RPS) system has confirmed it suffered a ransomware attack that affected parts of its network. On 6 September, District 205 of RPS posted a statement on Facebook in which it noted that its Internet, phones and information systems used to track attendance and student records were down. The […]…

The post District in Rockford Public Schools Confirms Ransomware Attack appeared first on The State of Security.

The Information Technology industry’s major cybersecurity challenges

The Information Technology (IT) sector has snowballed into an extremely profitable and revenue-generating entity in a relatively small amount of time. IT is single-handedly responsible for initiating and implementing digitalization, ensuring that a very large amount of information gets converted from a manual to a digital format. The industry’s involvement, especially in processing data, has automatically made it a sought-after target for cyber attackers.

Typically, cybercriminals like to target industries where the repercussions of a cyberattack will be immense and the stolen data will be valuable. By targeting the IT sector, they naturally serve their purpose of attacking large industries with a huge workforce – something that can impact an entire nation’s economy.

The growing threat is confirmed by the numbers themselves – according to Seqrite’s Quarterly Threat Report from the second quarter of 2019, IT/ITES companies were the fourth largest target for cyberattacks at 6.15% of the total malware attacks for that quarter.

But this risk can be significantly averted if the IT sector empowers itself to tackle this growing threat. The first step is assessment and hence, the IT sector must ensure it is in the position to deal with some of the biggest cybersecurity threats that plague this sector.

  1. Skills gap

According to a recent workforce assessment survey, 59% of organizations had vacant cybersecurity positions – Frost & Sullivan forecasts a shortfall of 1.5 million by 2020 globally. This statistic sharply illustrates a major problem the IT sector is facing when it comes to cybersecurity; the daunting and ever-increasing skills gap.

Skilled cybersecurity personnel are in huge demand but the supply doesn’t seem to keep up. That is why organizations in the IT sector must keep exploring ways to overcome the skills gap by investing in regular training and upskilling programs.

  2. MaaS as an Advanced Persistent Threat

As per the analysis of Seqrite’s annual threat reports, it is predicted that the evolution of RaaS (Ransomware as a Service), which is a form of MaaS (Malware as a Service), is pointing towards the future possibility of an ‘As a Service’ model for Advanced Persistent Threats (APTs).

What this would hypothetically mean is that malware authors could quite likely pivot to searching for generic loopholes in high-profile sectors like IT/ITES. These could then be sold as a well-organized attack vector to those willing to pay. Governments or anti-state actors could make use of APT as a service to get information or infiltrate different departments of IT companies.

  3. Data breach

Remember the huge Equifax data breach in 2017? Apart from major reputational and operational damage, it was also responsible for major financial setbacks.

Recent reports suggest that the American organization will have to pay about $700 million as part of a global settlement over the data breach. Recently, Indian IT company Wipro also admitted that they had suffered a high-profile data breach.

Companies in the information technology sector must take cognizance of this growing threat as the amount of valuable data they possess makes them very vulnerable to this threat.

  4. Insider Threats

The IT sector witnesses a constant flux of employees – an endless cycle of attrition and hiring. Employees, current and previous, are instrumental in many instances of accidental or purposeful data leaks. This phenomenon is commonly known as insider threats.

Insider threats pose a major problem for the IT sector, thanks to the number of people with access to confidential data. Employees may switch between different projects for different clients which means they have access to confidential client information.

If this information gets leaked either advertently or inadvertently, it could pose a huge problem for their respective companies.

Keeping all these threats in mind, it is imperative that the IT sector embraces the challenge and keeps upgrading its cybersecurity solutions. They can consider investing in solutions like Seqrite’s Endpoint Security (EPS), a simple and comprehensive platform to protect enterprise networks from advanced threats, and Unified Threat Management (UTM), a one-stop solution for all enterprise security needs.

The post The Information Technology industry’s major cybersecurity challenges appeared first on Seqrite Blog.

The manufacturing industry’s major cybersecurity challenges

Until recently, the manufacturing sector as a whole rarely took cyber threats seriously. This was primarily due to the domain’s outlook that it was a highly specialized industry and hence would not be on the radar of cyberattackers. The outlook started to change after devastating cyberattacks such as the spear-phishing attacks on Saudi Aramco, Stuxnet and LockerGoga started to surface.

Citing one of the latest cyberattacks, Airbus faced a threat this year when it reported that it had detected an attack on its information systems which resulted in a data breach. Though it did not affect their operations, Airbus did admit that employee-related details had been lost in the breach.

It was through events like these that this industry realized that it too is prone to cyber threats that can shut down entire production lines and have ramifications throughout the supply chain.

In fact, according to Seqrite’s Q2 Threat Report, cyberattacks are on the prowl in manufacturing, especially in the automobile sector.

We discuss key channels for attackers to target this industry.

  1. Data breaches

Manufacturers store a vast range of often specialized and classified data on their systems. This ranges from the projects they are working on, blueprints for future products that companies would like to be secretive about, confidential financial data and a lot more. Hackers are aware that this data is a potential goldmine putting manufacturers at risk of data breaches which can lead to disastrous consequences. Manufacturing companies must recognize that the risk of data breaches actually exists and work hard to plug the gap.

  2. Internet of Things and connected manufacturing

The manufacturing industry is increasingly moving towards an era of smart manufacturing where the shop floor and the supply chain are progressively getting interconnected. This helps to speed-up production and time-to-market but also creates an ecosystem where there is a reduced division between different stages in the manufacturing lifecycle.

Although beneficial, this multiplies the risk of a cyberattack – a single cybersecurity breach can have a deep impact on a manufacturing plant.

Furthermore, with futuristic technologies like the Internet of Things (IoT) seeing enterprise adoption at lightning speeds, manufacturers, now, have to deal with an added cyber threat channel.

  3. IP theft

Intellectual property is the manufacturing industry’s key asset and prized possession. Hence, it is obvious that if it goes in the wrong hands, this could cause immense reputational and financial damage to a manufacturing company. While most companies in this sector have strict rules for employees on the information they can disseminate to external sources, enterprise stakeholders do not consider that the risk for IP theft can also come from cyber attacks, whether it’s data breaches or insider threats.

  4. Falling behind in the skills gap

Mostly, the manufacturing industry collectively understands the importance of specialized knowledge and hiring people with expert skills to solve the problems they face in day-to-day operations. However, considering the current dangerous scenario of enterprise cyberattacks, this needs to be extended to resolve their cybersecurity problems as well.

After all, cybersecurity is a specialized issue and it requires specific people with the correct training and knowledge to tackle it. The manufacturing industry must look beyond a conventional IT department to tackle cyberthreats.

  5. Regulation and compliance

The manufacturing industry is mandated to comply with regulations at a national and an international level that now encompass cybersecurity as well. Most manufacturing companies nowadays operate under some sort of regulatory control for their data. Often this information is stored in the cloud with very limited access and under strict regulations.

If this data privacy is violated, it can have serious consequences and is a factor to be kept in mind when considering a cloud network security strategy.

Keeping the above in mind, it is important for the manufacturing sector to prioritize cybersecurity and invest in solutions like Seqrite Endpoint Security (EPS) and Unified Threat Management (UTM) to ensure they remain protected in this day and age of sophisticated and tailor-made cyberattacks towards the enterprise.

The post The manufacturing industry’s major cybersecurity challenges appeared first on Seqrite Blog.

Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities

Introduction

If a software vulnerability can be detected and remedied, then a potential intrusion is prevented. While not all software vulnerabilities are known, 86 percent of vulnerabilities leading to a data breach were patchable, though there is some risk of inadvertent damage when applying software patches. When new vulnerabilities are identified they are published in the Common Vulnerabilities and Exposures (CVE) dictionary by vulnerability databases, such as the National Vulnerability Database (NVD).

The Common Vulnerability Scoring System (CVSS) provides a metric for prioritization that is meant to capture the potential severity of a vulnerability. However, it has been criticized for a lack of timeliness, vulnerable population representation, normalization, rescoring and broader expert consensus that can lead to disagreements. For example, some of the worst exploits have been assigned low CVSS scores. Additionally, CVSS does not measure the vulnerable population size, which many practitioners have stated they expect it to score. The design of the current CVSS system leads to too many severe vulnerabilities, which causes user fatigue.

To provide a more timely and broad approach, we use machine learning to analyze users’ opinions about the severity of vulnerabilities by examining relevant tweets. The model predicts whether users believe a vulnerability is likely to affect a large number of people, or if the vulnerability is less dangerous and unlikely to be exploited. The predictions from our model are then used to score vulnerabilities faster than traditional approaches, like CVSS, while providing a different method for measuring severity, which better reflects real-world impact.

Our work uses nowcasting to address this important gap of prioritizing early-stage CVEs to know if they are urgent or not. Nowcasting is the economic discipline of determining a trend or a trend reversal objectively in real time. In this case, we are recognizing the value of linking social media responses to the release of a CVE after it is released, but before it is scored by CVSS. Scores of CVEs should ideally be available as soon as possible after the CVE is released, while the current process often hampers prioritization of triage events and ultimately slows response to severe vulnerabilities. This crowdsourced approach reflects numerous practitioner observations about the size and widespread nature of the vulnerable population, as shown in Figure 1. For example, in the Mirai botnet incident in 2017 a massive number of vulnerable IoT devices were compromised leading to the largest Denial of Service (DoS) attack on the internet at the time.


Figure 1: Tweet showing social commentary on a vulnerability that reflects severity

Model Overview

Figure 2 illustrates the overall process that starts with analyzing the content of a tweet and concludes with two forecasting evaluations. First, we run Named Entity Recognition (NER) on tweet contents to extract named entities. Second, we use two classifiers to test the relevancy and severity towards the pre-identified entities. Finally, we match the relevant and severe tweets to the corresponding CVE.


Figure 2: Process overview of the steps in our CVE score forecasting

Each tweet is associated to CVEs by inspecting URLs or the contents hosted at a URL. Specifically, we link a CVE to a tweet if it contains a CVE number in the message body, or if the URL content contains a CVE. Each tweet must be associated with a single CVE and must be classified as relevant to security-related topics to be scored. The first forecasting task considers how well our model can predict the CVSS rankings ahead of time. The second task is predicting future exploitation of the vulnerability for a CVE based on Symantec Antivirus Signatures and Exploit DB. The rationale is that eventual presence in these lists indicates not just that exploits can exist or that they do exist, but that they also are publicly available.

Modeling Approach

Predicting the CVSS scores and exploitability from Twitter data involves multiple steps. First, we need to find appropriate representations (or features) for our natural language to be processed by machine learning models. In this work, we use two natural language processing methods for extracting features from text: (1) n-gram features, and (2) word embeddings. Second, we use these features to predict if the tweet is relevant to the cyber security field using a classification model. Third, we use these features to predict if the relevant tweets are making strong statements indicative of severity. Finally, we match the severe and relevant tweets up to the corresponding CVE.

N-grams are word sequences, such as word pairs for 2-grams or word triples for 3-grams. In other words, they are a contiguous sequence of n words from a text. After we extract these n-grams, we can represent the original text as a bag-of-ngrams. Consider the sentence:

A critical vulnerability was found in Linux.

If we consider all 2-gram features, then the bag-of-ngrams representation contains “A critical”, “critical vulnerability”, etc.

Word embeddings are a way to learn the meaning of a word by how it was used in previous contexts, and then represent that meaning in a vector space. Word embeddings know the meaning of a word by the company it keeps, more formally known as the distributional hypothesis. These word embedding representations are machine friendly, and similar words are often assigned similar representations. Word embeddings are domain specific. In our work, we additionally train terminology specific to cyber security topics; for example, the words related to threats include defenses, cyberrisk, cybersecurity, threat, and iot-based. The embedding would allow a classifier to implicitly combine the knowledge of similar words and the meaning of how concepts differ. Conceptually, word embeddings may help a classifier implicitly associate relationships such as:

device + infected = zombie

where an entity called device has a mechanism applied called infected (malicious software infecting it) then it becomes a zombie.

To address issues where social media tweets differ linguistically from natural language, we leverage previous research and software from the Natural Language Processing (NLP) community. This addresses specific nuances like less consistent capitalization, and stemming to account for a variety of special characters like ‘@’ and ‘#’.


Figure 3: Tweet demonstrating value of identifying named entities in tweets in order to gauge severity

Named Entity Recognition (NER) identifies the words that construct nouns based on their context within a sentence, and benefits from our embeddings incorporating cyber security words. Correctly identifying the nouns using NER is important to how we parse a sentence. In Figure 3, for instance, NER facilitates Windows 10 to be understood as an entity while October 2018 is treated as elements of a date. Without this ability, the text in Figure 3 may be confused with the physical notion of windows in a building.

Once NER tokens are identified, they are used to test if a vulnerability affects them. In the Windows 10 example, Windows 10 is the entity and the classifier will predict whether the user believes there is a serious vulnerability affecting Windows 10. One prediction is made per entity, even if a tweet contains multiple entities. Filtering tweets that do not contain named entities reduces tweets to only those relevant to expressing observations on a software vulnerability.

From these normalized tweets, we can gain insight into how strongly users are emphasizing the importance of the vulnerability by observing their choice of words. The choice of adjective is instrumental in the classifier capturing the strong opinions. Twitter users often use strong adjectives and superlatives to convey magnitude in a tweet or when stressing the importance of something related to a vulnerability like in Figure 4. This magnitude often indicates to the model when a vulnerability’s exploitation is widespread. Table 1 shows our analysis of important adjectives that tend to indicate a more severe vulnerability.


Figure 4: Tweet showing strong adjective use


Table 1: Log-odds ratios for words correlated with highly-severe CVEs

Finally, the processed features are evaluated with two different classifiers to output scores to predict relevancy and severity. When a named entity is identified all words comprising it are replaced with a single token to prevent the model from biasing toward that entity. The first model uses an n-gram approach where sequences of two, three, and four tokens are input into a logistic regression model. The second approach uses a one-dimensional Convolutional Neural Network (CNN), comprised of an embedding layer, a dropout layer then a fully connected layer, to extract features from the tweets.
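An added example (not code from the original post or its authors) of the feature step described above: tweets are normalized, each named entity is collapsed into one token, 2- to 4-grams are collected, and a smoothed log-odds ratio ranks words by how strongly they lean toward severe tweets. The entity spans (supplied by hand in place of a NER model), the `<entity>` token name, the add-one smoothing and the four sample tweets are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

ENTITY_TOKEN = "<entity>"  # assumed placeholder; the post does not name its token


def normalize(text, entities=()):
    """Lowercase a tweet, drop URLs and the '@'/'#' sigils, and collapse every
    named entity (normally found by NER, passed in by hand here) to one token."""
    text = re.sub(r"https?://\S+", " ", text)
    # Replace longer entities first so "Windows 10" wins over "Windows".
    for ent in sorted(entities, key=len, reverse=True):
        pattern = r"(?<!\w)" + re.escape(ent) + r"(?!\w)"
        text = re.sub(pattern, f" {ENTITY_TOKEN} ", text, flags=re.IGNORECASE)
    # Punctuation, '@' and '#' never match, so they are stripped implicitly.
    return re.findall(r"<entity>|[a-z0-9][a-z0-9'-]*", text.lower())


def bag_of_ngrams(tokens, sizes=(2, 3, 4)):
    """Count every contiguous run of n tokens for each n in sizes."""
    bag = Counter()
    for n in sizes:
        for i in range(len(tokens) - n + 1):
            bag[" ".join(tokens[i:i + n])] += 1
    return bag


def log_odds(severe_docs, other_docs, alpha=1.0):
    """Smoothed log-odds ratio per word: positive means the word leans toward
    tweets labelled severe, negative toward the rest (alpha is an assumption)."""
    severe = Counter(tok for doc in severe_docs for tok in doc)
    other = Counter(tok for doc in other_docs for tok in doc)
    vocab = set(severe) | set(other)
    n_severe = sum(severe.values()) + alpha * len(vocab)
    n_other = sum(other.values()) + alpha * len(vocab)
    ratios = {}
    for word in vocab:
        p_s = (severe[word] + alpha) / n_severe
        p_o = (other[word] + alpha) / n_other
        ratios[word] = math.log(p_s / (1 - p_s)) - math.log(p_o / (1 - p_o))
    return ratios


# Constructed sample tweets: (text, entities, labelled severe?)
SAMPLE = [
    ("Critical RCE in Windows 10, patch immediately", ["Windows 10"], True),
    ("Massive critical flaw hits Linux servers #infosec", ["Linux"], True),
    ("Minor bug in Linux fixed, low risk", ["Linux"], False),
    ("Small low impact issue in Windows 10", ["Windows 10"], False),
]


def rank_sample_words():
    """Return sample words sorted from most to least severity-leaning."""
    severe = [normalize(t, e) for t, e, is_severe in SAMPLE if is_severe]
    other = [normalize(t, e) for t, e, is_severe in SAMPLE if not is_severe]
    ratios = log_odds(severe, other)
    return sorted(ratios, key=lambda w: (-ratios[w], w)), ratios


if __name__ == "__main__":
    tokens = normalize("A critical vulnerability was found in Linux.", ["Linux"])
    print(tokens)
    print(bag_of_ngrams(tokens, sizes=(2,)))
    ranked, ratios = rank_sample_words()
    for word in ranked[:3] + ranked[-3:]:
        print(f"{word:12s} {ratios[word]:+.3f}")
```

Because both product names collapse to the same token, the entity token scores zero in the sample and the ranking is driven by the adjectives rather than by which product was mentioned.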

Evaluating Data

To evaluate the performance of our approach, we curated a dataset of 6,000 tweets containing the keywords vulnerability or ddos from Dec 2017 to July 2018. Workers on Amazon’s Mechanical Turk platform were asked to judge whether a user believed a vulnerability they were discussing was severe. For all labeling, multiple users must independently agree on a label, and multiple statistical and expert-oriented techniques are used to eliminate spurious annotations. Five annotators were used for the labels in the relevancy classifier and ten annotators were used for the severity annotation task. Heuristics were used to remove unserious respondents; for example, when users did not agree with other annotators for a majority of the tweets. A subset of tweets were expert-annotated and used to measure the quality of the remaining annotations.

Using the features extracted from tweet contents, including word embeddings and n-grams, we built a model using the annotated data from Amazon Mechanical Turk as labels. First, our model learns if tweets are relevant to a security threat using the annotated data as ground truth. This would remove a statement like “here is how you can #exploit tax loopholes” from being confused with a cyber security-related discussion about a user exploiting a software vulnerability as a malicious tool. Second, a forecasting model scores the vulnerability based on whether annotators perceived the threat to be severe.

CVSS Forecasting Results

Both the relevancy classifier and the severity classifier were applied to various datasets. Data was collected from December 2017 to July 2018. Most notably 1,000 tweets were held-out from the original 6,000 to be used for the relevancy classifier and 466 tweets were held-out for the severity classifier. To measure the performance, we use the Area Under the precision-recall Curve (AUC), which is a correctness score that summarizes the tradeoffs of minimizing the two types of errors (false positive vs false negative), with scores near 1 indicating better performance.

  • The relevancy classifier scored 0.85
  • The severity classifier using the CNN scored 0.65
  • The severity classifier using a Logistic Regression model, without embeddings, scored 0.54

Next, we evaluate how well this approach can be used to forecast CVSS ratings. In this evaluation, all tweets must occur a minimum of five days ahead of CVSS scores. The severity forecast score for a CVE is defined as the maximum severity score among the tweets which are relevant and associated with the CVE. Table 2 shows the results of three models: randomly guessing the severity, modeling based on the volume of tweets covering a CVE, and the ML-based approach described earlier in the post. The scoring metric in Table 2 is precision at top K using our logistic regression model. For example, where K=100, this is a way for us to identify what percent of the 100 most severe vulnerabilities were correctly predicted. The random model would predict 59, while our model predicted 78 of the top 100 and all ten of the most severe vulnerabilities.


Table 2: Comparison of random simulated predictions, a model based just on quantitative features like “likes”, and the results of our model

Exploit Forecasting Results

We also measured the practical ability of our model to identify the exploitability of a CVE in the wild, since this is one of the motivating factors for tracking. To do this, we collected severe vulnerabilities that have known exploits by their presence in the following data sources:

  • Symantec Antivirus signatures
  • Symantec Intrusion Prevention System signatures
  • ExploitDB catalog

The dataset for exploit forecasting was comprised of 377,468 tweets gathered from January 2016 to November 2017. Of the 1,409 CVEs used in our forecasting evaluation, 134 publicly weaponized vulnerabilities were found across all three data sources.

Using CVEs from the aforementioned sources as ground truth, we find our CVE classification model is more predictive of detecting operationalized exploits from the vulnerabilities than CVSS. Table 3 shows precision scores illustrating seven of the top ten most severe CVEs and 21 of the top 100 vulnerabilities were found to have been exploited in the wild. Compare that to one of the top ten and 16 of the top 100 from using the CVSS score itself. The recall scores show the percentage of our 134 weaponized vulnerabilities found in our K examples. In our top ten vulnerabilities, seven were found to be in the 134 (5.2%), while the CVSS scoring’s top ten included only one (0.7%) CVE being exploited.


Table 3: Precision and recall scores for the top 10, 50 and 100 vulnerabilities when comparing CVSS scoring, our simplistic volume model and our NLP model
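An added example (not the authors' code) of the evaluation pipeline described in the sections above: linking each tweet to a single CVE, taking the maximum severity among relevant tweets posted at least five days before the CVSS score, and computing precision and recall at K against a set of exploited CVEs. The CVE identifiers, classifier scores, dates and the 0.5 relevance cut-off are constructed placeholders.

```python
import re
from datetime import date, timedelta

CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)


def link_cve(text, url_content=""):
    """Return the one CVE id named in the tweet body or the linked page, else None."""
    ids = {m.upper() for m in CVE_RE.findall(text + " " + url_content)}
    # A tweet is only scored when it maps to exactly one CVE.
    return next(iter(ids)) if len(ids) == 1 else None


def forecast_scores(tweets, cvss_published, lead_days=5, min_relevance=0.5):
    """Map each CVE to the maximum severity among its relevant, early tweets.

    tweets: dicts with text, optional url_content, posted (date), and the two
    classifier outputs relevance and severity (both in [0, 1]).
    cvss_published: CVE id -> date its CVSS score appeared.
    """
    scores = {}
    for tweet in tweets:
        cve = link_cve(tweet["text"], tweet.get("url_content", ""))
        if cve is None or tweet["relevance"] < min_relevance:
            continue
        published = cvss_published.get(cve)
        # Keep only tweets at least lead_days ahead of the CVSS score.
        if published is None or tweet["posted"] > published - timedelta(days=lead_days):
            continue
        scores[cve] = max(scores.get(cve, 0.0), tweet["severity"])
    return scores


def precision_recall_at_k(scores, exploited, k):
    """Precision: share of the top-K forecasts that were exploited.
    Recall: share of all exploited CVEs that appear in the top K."""
    ranked = sorted(scores, key=lambda c: (-scores[c], c))[:k]
    hits = sum(1 for cve in ranked if cve in exploited)
    precision = hits / len(ranked) if ranked else 0.0
    recall = hits / len(exploited) if exploited else 0.0
    return precision, recall


# Constructed data: the CVE ids use year 0000 to mark them as placeholders.
SAMPLE_TWEETS = [
    {"text": "Huge remote code execution bug, patch now! CVE-0000-1001",
     "posted": date(2018, 3, 1), "relevance": 0.95, "severity": 0.91},
    {"text": "More on CVE-0000-1001, looks bad",
     "posted": date(2018, 3, 2), "relevance": 0.90, "severity": 0.62},
    {"text": "minor info leak", "url_content": "Advisory for CVE-0000-1002",
     "posted": date(2018, 3, 3), "relevance": 0.80, "severity": 0.20},
    {"text": "how to #exploit tax loopholes CVE-0000-1003",   # not security-relevant
     "posted": date(2018, 3, 1), "relevance": 0.10, "severity": 0.99},
    {"text": "Roundup: CVE-0000-1001 and CVE-0000-1002",      # names two CVEs
     "posted": date(2018, 3, 1), "relevance": 0.90, "severity": 0.95},
    {"text": "late take on cve-0000-1004",                    # inside the 5-day window
     "posted": date(2018, 3, 9), "relevance": 0.90, "severity": 0.80},
    {"text": "CVE-0000-1005 critical flaw in widely used router firmware",
     "posted": date(2018, 3, 1), "relevance": 0.90, "severity": 0.85},
]
CVSS_PUBLISHED = {
    "CVE-0000-1001": date(2018, 3, 10), "CVE-0000-1002": date(2018, 3, 10),
    "CVE-0000-1003": date(2018, 3, 10), "CVE-0000-1004": date(2018, 3, 12),
    "CVE-0000-1005": date(2018, 3, 10),
}
EXPLOITED = {"CVE-0000-1001", "CVE-0000-1004"}  # constructed ground truth

if __name__ == "__main__":
    scores = forecast_scores(SAMPLE_TWEETS, CVSS_PUBLISHED)
    print(scores)
    for k in (1, 2):
        print(k, precision_recall_at_k(scores, EXPLOITED, k))
```

Recall is divided by the full exploited set, including CVEs that never received a forecast, which is why seven hits out of 134 weaponized vulnerabilities yields the 5.2% reported above.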

Conclusion

Preventing vulnerabilities is critical to an organization’s information security posture, as it effectively mitigates some cyber security breaches. In our work, we found that social media content that pre-dates CVE scoring releases can be effectively used by machine learning models to forecast vulnerability scores and prioritize vulnerabilities days before they are made available. Our approach incorporates a novel social sentiment component, which CVE scores do not, and it allows scores to better predict real-world exploitation of vulnerabilities. Finally, our approach allows for a more practical prioritization of software vulnerabilities effectively indicating the few that are likely to be weaponized by attackers. NIST has acknowledged that the current CVSS methodology is insufficient. The current process of scoring CVSS is expected to be replaced by ML-based solutions by October 2019, with limited human involvement. However, there is no indication of utilizing a social component in the scoring effort.

This work was led by researchers at Ohio State under the IARPA CAUSE program, with support from Leidos and FireEye. This work was originally presented at NAACL in June 2019; our paper describes this work in more detail and was also covered by Wired.

School of Cyberthreats: 3 Attacks Impacting Today’s Schools

Educational institutions are data-rich gold mines. From student and employee records to sensitive financial information, schools contain a plethora of data that can be obtained by cybercriminals rather easily due to lack of security protocols. This fact has cybercriminals pivoting their strategies, leading to a recent uptick in attacks on the education sector in the United States and around the world. In fact, there are three main threats impacting schools — data breaches, phishing, and ransomware. Let’s take a look at each of these threats, how cybercriminals have executed them, and the precautions students can take in the future.

Data Breaches

Nearly half of the cyberattacks that impacted schools in 2018 were data breaches, which occur when an unauthorized third party gains access to a school’s network. From there, cybercriminals gain access to a host of private information on employees and students, including names, dates of birth, addresses, phone numbers, email addresses, and Social Security numbers. After an attack of this nature occurs, educational institutions reassess their current cybersecurity strategy. This usually entails revisiting privacy settings and reviewing all security protocols.

Phishing

Even the savviest email user can fall for a phishing scheme. These types of schemes usually entail tricking teachers or students out of private information or money. When cybercriminals send emails with fraudulent links, unsuspecting users click on that link because the web address is usually only off by one or two letters. Once the scammer has been given access through the malicious link, they get to work obtaining private information contained on the device. Using this data, they can enact further schemes. There have even been cases of cybercriminals impersonating deans or teachers asking for gift cards, which is a type of spear-phishing where scammers take the information they have obtained about a victim and use it to their advantage. The good news? Users can protect against these sneaky attacks by staying vigilant and applying security best practices.

Ransomware

When ransomware hits, schools don’t really have a lot of options. If they have data backups in place, then they don’t have to pay the ransom, otherwise educational institutions have no choice but to completely shut down. Considering how much technology has been integrated into classrooms, this isn’t surprising. A ransomware attack usually occurs when a school district’s system is infiltrated by a virus intending to bring operations to a halt. Cybercriminals hold systems hostage for a certain amount of money or ransom until the district decides to pay. The data that is held can range from a variety of things – lesson plans, financial information, personal employee and student records. There aren’t many ways for schools to bypass these types of attacks unless they are prepared beforehand. One way to be prepared is to back up files in multiple places, such as an external hard drive or cloud.

With the uptick in overall cyberthreats against schools, more and more educational institutions need to put protocols into place to avoid the multitude of ever-growing threats. However, students can do their part in prioritizing cybersecurity by following these tips to ensure personal data is secure:

  1. Watch what you are clicking. Phishing schemes are becoming craftier. A too good to be true study guide or deal on a textbook might end in a compromised system. It is always best to check directly with the source of the email or link before handing over money or data.
  2. Make sure you recognize the sender. When responding to a message, first check to see if you recognize the sender’s name and email address. If it looks strange, ignore the message. If you are unsure, check with the sender in person.
  3. Never reuse passwords. Many users reuse the same passwords, or slight variations of them, across all of their accounts. That means if a hacker uncovers one password, all other accounts are put at risk. So, it is crucial to use different passcodes to ensure hackers cannot obtain access to all of your accounts.
  4. Stay on a secure network. If you connect to public Wi-Fi, be sure the network is secure. If it is not, consider using a virtual private network (VPN).
  5. Install security software on all devices. Security doesn’t begin or end with personal computers. All devices need to be protected with comprehensive security software, including mobile devices and tablets.
  6. Make sure all device software is up-to-date. This is one of the easiest and best ways to secure devices against threats, as developers are constantly releasing patches for vulnerabilities and flaws.

And as always, if you are interested in learning more about IoT and mobile security trends and information, follow @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

The post School of Cyberthreats: 3 Attacks Impacting Today’s Schools appeared first on McAfee Blogs.