US Universities Under Cyber Attacks

By Yiftach Keshet | August 20, 2013

In recent months we have witnessed repeating cyber attacks on US universities and research institutes. It is anything but surprising, considering these institutes’ natural role as knowledge breeders and preservers. Universities’ databases appeal to everyone who seeks to illegally acquire that knowledge. These databases contain innovative research, patents, and a multitude of information exchanges and collaborations with other research and business entities.

Major breach incidents occurred at Ferris State University, Stanford University and University of Delaware, where the attack enabled access to confidential personal information of more than 72,000 students and current and past employees. Many other universities report unsuccessful attacks on a daily basis rising sometimes to 90,000-100,000 attempts per day.

The pattern reflecting from all of these attacks is not going directly to the intellectual property storage, but to achieve ‘legitimate’ access by gaining valid names and credentials.

It forces universities to face the extra challenge of protecting intellectual property and to secure the data of a heterogeneous population while preserving the openness unique to a research institution.

Unlike corporations, which also face cyber attacks, the information exchanges in universities entail a more open, and thus more vulnerable environment. Campus networks allow virtually anyone to connect to a server and access the Internet, or gain server access from the outside. This inherent openness, vital to an academic environment poses a challenge from the cyber-defense perspective.

By deploying Cyvera TRAPS on all endpoints, universities can achieve data security without altering the open academic environment openness. Cyvera does not engage its solution with networks but only at the endpoints, enabling both preservation of undisturbed academic network traffic and at the same time thorough protection all endpoints, including database servers.