Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Universities Should Prepare for Attacks

Universities have a long tradition of open learning and collaboration, where information is shared freely among students and researchers alike. In fact, universities played a key role in growing the internet from its early military roots to the global communication platform it has become. Unfortunately, in today’s world, ransomware gangs and other bad actors have become a regular part of online life.

Universities have a long tradition of open learning and collaboration, where information is shared freely among students and researchers alike. In fact, universities played a key role in growing the internet from its early military roots to the global communication platform it has become. Unfortunately, in today’s world, ransomware gangs and other bad actors have become a regular part of online life. The tradition of open sharing is under threat, and institutions of higher learning need to find effective ways to protect themselves.

This threat is not theoretical. In the early days of the pandemic, the University of California San Francisco (UCSF) paid $1.1 million to regain access to research data related to a coronavirus vaccine. In June of 2021, a cyberattack forced the University of Massachusetts Lowell to shut down totally for almost a week. The ransomware situation has become so serious that it prompted the FBI to issue a FLASH warning specifically directed toward educational institutions. 

While it’s obviously important for institutions to secure their students from malware, protecting the intellectual assets associated with research conducted by employees is equally important. These assets can have enormous commercial value, which makes them likely targets for exploits. Cybercriminals are also well aware that colleges and universities have limited security budgets, which makes them even more attractive targets.

The increasing use of commercial clouds adds another dimension to the security challenge universities face. Once considered a potential security weakness, however, deployments in commercial clouds can now be highly secured. One of the best ways is through obfuscation.

Turning the Tables on Cybercriminals

Obfuscation is one of the most important weapons in the arsenal of cybercriminals. For obvious reasons, they don’t want to be detected while they’re attempting to carry out an exploit. But now, technology is available that allows colleges and universities to use obfuscation as a defensive weapon. By anonymizing their activities and assets, they can protect people, data and applications from cyber threats at the network level by making themselves invisible. Although obfuscation technology is advanced, the principle behind it is simple. If they can’t find you, they can’t attack you. 

Security Through Obscurity

When individuals engage in even the simplest online activity, they leave a “footprint” that includes their IP (Internet Protocol) address and network identity. This information can form the basis for an attack. Obfuscation at the network layer eliminates these footprints and makes hacking practices such as tracking cookies, browser fingerprinting, and device characterization virtually impossible. It also defends against malware, since without access to device information malicious websites won’t upload payloads.

Advertisement. Scroll to continue reading.

Obfuscation can be achieved by transparently distributing communications within and across multiple clouds using Software-Defined Network (SDN) virtualization and dynamically shifting communications across multiple commercial providers to regularly churn the underlying network infrastructure.

The use of multi-hop transport makes it extremely difficult for anyone, including hackers or search engine optimization companies, to determine actual user information, origination location and identities.

There are two primary reasons why obfuscation is a best practice for institutions of higher learning. 

● Data protection – Academic institutions are at the forefront of cyber security research and need to perform their work in isolated environments that mitigate the risk of data theft and ransomware. 

● Secure communication – Global collaboration is central to many academic research projects, and maintaining privacy in these situations is a high priority. 

The obfuscation that results from disguising and varying network pathways achieves both of these objects.

Throw-Away VMs

Another means of preventing cybercriminals from obtaining footprint information is the use of one-time throw-away virtual machines (VMs) to compartmentalize browsing activity. When such a “burner” VM is used, no valuable identity information can be obtained and any attempts at inserting malware into the network will fail. This is a particularly cost-effective approach to obfuscation for institutions with limited budgets.

Avoiding the “Arms Race”

There is currently what amounts to an arms race between cybercriminals and their victims. New modes of attack appear regularly, and are soon followed by new defensive technologies, with the result that many commercial enterprises operate several dozen cyber defense systems. Universities cannot afford to participate in this costly process, but they still need to protect sensitive data and ensure safe communication. Obfuscation is a best practice that makes this possible. 

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

Chris Burger has been named Chief Information Security Officer at F5.

Bedrock Security has appointed George Gerchow as Chief Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.