[NHDOE-ETNews] ET News: Cyber Alert - Potential for Increased Targeting of Educational Institutions

Freeda, Stanley Stanley.Freeda at doe.nh.gov
Wed Apr 16 17:35:07 EDT 2014

Today on the ETNews Listserv
ITEM:  Cyber Alert - Potential for Increased Targeting of Educational Institutions

For your situational awareness, the Center for Internet SecurityUS entity (CIS) is alerting you to a potential increase in targeting of educational institutions by malicious actors.

On April 3, 2014, the hacktivist collective Anonymous announced "OpSafeEdu" targeting educational institutions. The announcement outlines Anonymous' issues with "lax security on educational websites," the violation of student's civil liberties, and abuse of students, specifically mentioning pedophilia. Anonymous does not list specific targets, but does mention the Department of Education. It is highly likely that Anonymous will not distinguish between public and private educational institutions when identifying targets in this operation. Of note, anyone can claim to be a member of Anonymous and anyone, member or not, may suggest targets and operations. Individual participants choose which operations they want to support, currently resulting in numerous operational suggestions and limited activity.

*     In March 2014, Anonymous targeted a private university, purportedly to raise awareness about the university's lack of cyber security. The operation resulted in Anonymous compromising one of the university's servers and releasing information. Anonymous also attempted to engage individuals at the university, via a phishing email, with the hope they would confirm the breach and the university's security issues.

In addition to potential Anonymous targeting, CIS observed the following activity regarding educational institutions in 2014:
*     Network Time Protocol (NTP) Distributed Denial of Service (DDoS) attacks. (For more information, refer to the CIS Cyber Alert "Increase in NTP DDoS Attacks Targeting Schools" disseminated on March 5, 2014.)
*     Website defacements
*     Content Management System (CMS) vulnerabilities

*     CIS will continue to monitor for potential threats to SLTT governments and notify entities of potential targeting. However, if you are aware of Anonymous targeting or threats within your jurisdiction, you should report the activity to CIS.

In addition, CIS recommends the following:
*     Use up-to-date anti-virus, anti-spyware, and anti-adware protection software and deploy a firewall.
*     Apply appropriate patches and updates to all computers.
*     If you are using a CMS such as WordPress, Joomla, or Drupal, make sure the application is updated, patched, and secure.
*     If you are using PHP on your webservers, make sure the system is running the most recent version of PHP.
*     Monitor log files, especially proxy server logs, for unauthorized or suspicious Internet connections.
*     Do not use the same login name or password from work-related systems for any other website. Passwords should be complex and at least 10 characters long.
*     Install a spam filter and block phishing emails based on known malicious subject lines.
*     Educate employees about phishing emails and advise them not to open suspicious emails, not to click on links contained in such emails and to never provide usernames and/or passwords to any     unsolicited requests.
*     Conduct vulnerability scans of Internet facing systems and applications.

Traffic Light Protocol (TLP): WHITE information may be distributed without restriction, subject to copyright controls.

Get even more ET News on the ET News blog<http://nhoetnews.wordpress.com/>.

ET News is a service of the Office of Educational Technology
NH Department of Education    101 Pleasant Street    Concord, NH    03301
For more information, contact
Stan Freeda
603.271.5132       Stanley.Freeda at doe.nh.gov<mailto:sfreeda at ed.state.nh.us>     www.education.nh.gov/instruction/ed_tech/<http://www.education.nh.gov/instruction/ed_tech/index.htm>      www.opennh.org<http://www.opennh.org/>        www.nheon.org<http://www.nheon.org/>

"The need to know the capital of Florida died when my phone learned the answer." ~ Anthony Chivetta, high school student in Missouri
The contents of this message are confidential. Any unauthorized disclosure, reproduction, use or dissemination (either whole or in part) is prohibited. If you are not the intended recipient of this message, please notify the sender immediately and delete the message and any attachments from your system.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://maillist2.nh.gov/pipermail/nhdoe-etnews/attachments/20140416/1275029b/attachment.html>

More information about the NHDOE-ETNews mailing list