Attend IT Limited Blog

Attend IT Limited has been serving the Brentford area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Has your business dealt with a phishing attack? If not, consider yourself lucky. There has been a massive spike in phishing attacks as hackers are aggressively going after organizations and the personal identifiable information they hold. These attacks are just not focused on typical businesses either, they are going after organizations that provide public goods. One place that has become a major target for hackers (and phishing attacks) are schools.

At first glance, a college would be one of first places any hacker would look to steal information. Not only do today’s colleges have vast, powerful networks, they have many people that regularly compute on those networks who don’t take network security into account in the least. Despite the work of diligent IT administrators, the actions of the students and faculty on the network can really cause a lot of problems, so can direct attacks on the same students and faculty. For this reason, many colleges are starting to implement two-factor authentication procedures to ensure that even security-negligent college students aren’t putting their entire organization’s network at risk.

Two-factor authentication, for those who do not know, is the practice of requiring two steps to gain access to the network in the form of questions. The design is pretty simple, and has been around for a while. Traditionally, a user would type in a password which would prompt another access authenticator code. That electronic authenticator (also called, fob) would provide the user a code to use to access the door. Nowadays, most of the two-factor authentication credentials can be sent to an individual’s mobile device, as an overwhelming majority of people rely on smartphones.

In an article on KrebsOnSecurity, the Director of IT security and Infrastructure at Bowling Green University, Matt Haschak, stated that these attacks had grown from a relatively benign 250 in 2015 to over 1,000 in 2016. These attacks are carried out to steal credentials used to access BGSU’s MyBSGU portal, the main hub for student, staff, and administration affairs for the university. With these credentials, hackers can then infiltrate a system that is populated with thousands of people’s personal information.

Bowling Green isn’t the only example. Other universities have recently been targeted by what their IT security personnel calls “spear phishing” attacks, going after specific people associated with the college. This includes club officers, athletics administrators, and other people who would have access to “fast cash”. While IT administrators are cognizant of these relatively new threats, they tend to evolve and victimize before anything can be done about them.

One instance of this happened at the University of Delaware where scammers are targeting international students. These extortion attempts tell the target that if they don’t pay, they will face deportation under U.S. law. This shows that these attacks are specifically tailored to the recipients, making detection nearly impossible for IT administrators to ward against.

“This is something unusual,” UD IT communications group manager Richard Gordon said, “This is a scam that had not been seen at other universities before. It shows how these scammers are always looking for ways to try to hit students.” Gordon advocates diligence and integrating some type of two-factor authentication system for all accounts that hold sensitive information. “If the account information is stolen, then someone can get into your account. But if you have two-factor authentication, then they can’t access it because they need the extra security code. It’s an extra security piece.”

While college IT administrators have their hands full, your business is often considered low-hanging fruit for these hackers. If you want to learn more on how to protect your network, staff, and your business from these types of phishing attacks, contact our trusted team of IT technicians today. We can assess your current IT setup and consult with you on how to improve your organization’s network security. Call us today at 020 8626 4485.

0 Comment
Continue reading

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Network Security Business Computing Tip of the Week Best Practices Productivity Cloud Managed IT Services Disaster Recovery Data Backup Hosted Solutions Data Recovery communications Privacy VoIP Backup Hackers Malware Data Business Continuity Business Small Business Email IT Support Innovation Outsourced IT IT Services Cloud Computing Cybersecurity Software Productivity Efficiency Mobile Devices Phishing Internet IT Support Computer Saving Money Business Management Smartphone Hardware Internet of Things BDR Upgrade Automation Mobile Device Management Microsoft Covid-19 Managed IT Collaboration Managed IT services Information Technology Server Risk Management Network Ransomware User Tips BYOD Mobility Wi-Fi Communication Budget Workplace Tips Artificial Intelligence Compliance Avoiding Downtime Save Money Managed Service Provider Gadgets Windows 7 Cost Management Meetings Password Data Management Remote Computing Managed Service Spam Passwords Wireless Computers Firewall History Virtual Private Network MSP Smartphones Quick Tips Hosted Solution Redundancy Remote Workers Training Printing Hard Drives Google Tech Term Human Resources Microsoft Office Wireless Internet Networking Solid State Drive Audit Telephony Value Instant Messaging Automobile IT Service Devices Personal Information Data Breach Saving Time Data Security Paperless Office Manufacturing Conferencing Hybrid Cloud Android Windows 10 Remote Work Marketing Employer-Employee Relationship Recovery Telephone Systems Router Document Management Business Technology End of Support Content Filtering Employee-Employer Relationship Mobile Device Users VPN Cost Windows 10 HIPAA Wasting Money Cybercrime Windows Server Video Conferencing Transportation User Error Two-factor Authentication Employees Facebook Remote Monitoring Help Desk AI Word Operating System Encryption Streaming Media Electronic Medical Records Online Storage Managed Services Proactive IT Private Cloud Mobile Virtualization File Storage E-Commerce Social Media Remote Mobile Computing Applications Computing Advertising Amazon Company Culture The Internet of Things Outsource IT Going Green Data Loss Copiers Update Payroll Time Management Content Filter Customer Relationship Management Gamification Legal Office Commerce Professional Services Workers Shadow IT Big Data Bandwidth Payment Cards Analysis Virtual Assistant Machine Learning Telephone Upgrades Voiceover Internet Protocol Administration Proactive Antivirus Workstations Monitoring Voice over Internet Protocol Business Intelligence Browser Lifestyle Wireless Technology Travel Chromebook Printer Business Telephone Remote Working Alexa for Business Dark Web Project Management Colocation Holiday Azure Social Engineering Software as a Service Government Spyware Education Management Cleaning Printers App e-waste Fiber Optics Money IoT Work/Life Balance Students Utility Computing Mobile Office Smart Tech Vendor Backup and Disaster Recovery PCI DSS Hacking Smartwatch Computer Repair Phone System Black Market Cybersecurty Laptop Hacker Entertainment SMB Samsung Vulnerability Active Directory Regulation Apple Application Financial Technology SaaS Managed IT Service Windows Server 2008 Office 365 Unified Communications Flexibility Development Disaster Connectivity Break/Fix OneNote Window 10 Regulations Compliance iPhone intranet Save Time Smart Technology Data Protection Leadership Evernote WPA3 Downtime Nanotechnology iOS Sync Reputation Fraud Battery Display WiFi Data Storage Holidays Specifications Scalability Computer Accessories IT solutions Patch Management Keyboard eWaste Testing 5G Sports Health IT budget Peripheral Investment IT Management Communitications Biometrics Data Privacy Office Tips Analytics Root Cause Analysis Threats Audits Credit Cards Security Cameras Processor Edge Point of Sale Google Assistant Co-Managed Services Unified Threat Management OneDrive Screen Mirroring Policy Google Drive Sales Internet Exlporer Virus Financial Windows 10s Micrsosoft Outlook Windows Ink Device Security HaaS Safety Camera Medical IT Settings Cortana Windows Blockchain Identity Theft Access Control ROI Hosted Desktop Hard Drive Augmented Reality Scams Solutions Chrome Innovations Alert FAQ Politics Charger Computer Fan Benchmarks Internet Service Provider Google Docs Social Ciminal Twitter Sabotage Cast Procedure Retail Bring Your Own Device Humor Vendor Management Hard Disk Drive Digital Signage Shortcut Google Maps Managing Stress Emergency Projects Business Strategy eCommerce Search Identities Worker Commute Memory Scam Admin Windows Server 2008 R2 Smart Devices Updates USB Books Employee Managed Services Provider PC Adobe Wireless Charging App store PDF Experience Best Practice Robot Microsoft Excel Computer Forensics Hyperlink Consultant Organization Websites How To Excel Legislation Emails IT Solutions Troubleshooting Tablets Microsoft Word Virtual Reality Television CrashOverride Facebook Privacy Gmail Wasting Time HBO Reviews WannaCry Mobile Security Apps Information Computer Care Workstation File Sharing Relocation Miscellaneous Gifts Data Theft Current Events Net Neutrality Law Enforcement Tech Support Worker YouTube Comparison Language Keyboard Shortcuts Webinar WIndows Server 2008 CRM NFL Maintenance Storage PowerPoint Video Games Accessory Touchscreen Server Maintenance Inventory Licensing Identity Text Messaging Music Unsupported Software Myths Telework