4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Has your business dealt with a phishing attack? If not, consider yourself lucky. There has been a massive spike in phishing attacks as hackers are aggressively going after organizations and the personal identifiable information they hold. These attacks are just not focused on typical businesses either, they are going after organizations that provide public goods. One place that has become a major target for hackers (and phishing attacks) are schools.

At first glance, a college would be one of first places any hacker would look to steal information. Not only do today’s colleges have vast, powerful networks, they have many people that regularly compute on those networks who don’t take network security into account in the least. Despite the work of diligent IT administrators, the actions of the students and faculty on the network can really cause a lot of problems, so can direct attacks on the same students and faculty. For this reason, many colleges are starting to implement two-factor authentication procedures to ensure that even security-negligent college students aren’t putting their entire organization’s network at risk.

Two-factor authentication, for those who do not know, is the practice of requiring two steps to gain access to the network in the form of questions. The design is pretty simple, and has been around for a while. Traditionally, a user would type in a password which would prompt another access authenticator code. That electronic authenticator (also called, fob) would provide the user a code to use to access the door. Nowadays, most of the two-factor authentication credentials can be sent to an individual’s mobile device, as an overwhelming majority of people rely on smartphones.

In an article on KrebsOnSecurity, the Director of IT security and Infrastructure at Bowling Green University, Matt Haschak, stated that these attacks had grown from a relatively benign 250 in 2015 to over 1,000 in 2016. These attacks are carried out to steal credentials used to access BGSU’s MyBSGU portal, the main hub for student, staff, and administration affairs for the university. With these credentials, hackers can then infiltrate a system that is populated with thousands of people’s personal information.

Bowling Green isn’t the only example. Other universities have recently been targeted by what their IT security personnel calls “spear phishing” attacks, going after specific people associated with the college. This includes club officers, athletics administrators, and other people who would have access to “fast cash”. While IT administrators are cognizant of these relatively new threats, they tend to evolve and victimize before anything can be done about them.

One instance of this happened at the University of Delaware where scammers are targeting international students. These extortion attempts tell the target that if they don’t pay, they will face deportation under U.S. law. This shows that these attacks are specifically tailored to the recipients, making detection nearly impossible for IT administrators to ward against.

“This is something unusual,” UD IT communications group manager Richard Gordon said, “This is a scam that had not been seen at other universities before. It shows how these scammers are always looking for ways to try to hit students.” Gordon advocates diligence and integrating some type of two-factor authentication system for all accounts that hold sensitive information. “If the account information is stolen, then someone can get into your account. But if you have two-factor authentication, then they can’t access it because they need the extra security code. It’s an extra security piece.”

While college IT administrators have their hands full, your business is often considered low-hanging fruit for these hackers. If you want to learn more on how to protect your network, staff, and your business from these types of phishing attacks, contact our trusted team of IT technicians today. We can assess your current IT setup and consult with you on how to improve your organization’s network security. Call us today at 305-278-7100.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 22 January 2018
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Tag Cloud

security Tip of the Week Technology Cloud Privacy Best Practices Microsoft software Internet Business Computing Backup Hackers Productivity Hosted Solutions Business Management Managed Service Provider Google Malware IT Services Business Efficiency Windows IT Support Disaster Recovery Innovation Business Continuity Hardware VoIP Workplace Tips Mobile Devices User Tips Saving Money Computer Miscellaneous Virtualization Windows 10 Upgrade Network Security Mobile Device Management Data Server Mobile Computing Email communications Alert Save Money Microsoft Office Communication Network Quick Tips Smartphone Small Business Social Media Information Technology Smartphones BYOD Going Green Mobile Office Android Managed IT Services Outsourced IT Office Apps Health Application Chrome Ransomware Browser Gadgets Operating System Holiday Firewall Productivity The Internet of Things Avoiding Downtime Managed IT Disaster Cybersecurity Tablet Mobility WiFi Cybercrime Data Recovery Passwords Telephone Systems Remote Computing Unified Threat Management Data Backup IT Solutions Risk Management Spam BDR History Best Practice Data Management Search VPN Marketing Employer-Employee Relationship Vendor Management Facebook Budget Automation Hard Drives Saving Time Hacking Remote Monitoring Apple Hosted Solution Wireless Technology Computers Recovery Phone System Big Data Content Filtering Law Enforcement Proactive IT Office Tips iPhone Customer Relationship Management User Error Collaboration Phishing Money Password Current Events Bring Your Own Device Telephony Printer USB Work/Life Balance Humor Administration Encryption Analytics Gmail Wearable Technology Router Office 365 Maintenance Government PowerPoint Antivirus Virus Shortcut Social Lithium-ion battery Vulnerability OneNote Social Engineering Cloud Computing Google Drive Trending Education Net Neutrality Save Time Private Cloud Data Protection Point of Sale Tech Support IT COnsultant Computer Repair Data Security Outlook SaaS Audit HaaS App Cost Management Politics Personal Information Intranet Business Intelligence Users Bandwidth Printer Server Windows 8 Wireless Laptop Unsupported Software Meetings End of Support Instant Messaging Emails Internet Exlporer HIPAA Network Congestion Redundancy Data Storage Entertainment Internet of Things Display Benefits Identity Theft DDoS Computer Accessories Help Desk Solid State Drive Flexibility Augmented Reality Sports Compliance Paperless Office Mouse Fax Server Samsung Two-factor Authentication Workplace Wi-Fi Managing Stress Artificial Intelligence Emergency Excel Streaming Media Applications Uninterrupted Power Supply online currency Social Networking hacker Travel Transportation IT Support Update Customer Service Computer Care Battery Biometrics Robot Windows 10 Retail Virtual Reality Efficency Automobile Books Video Games Sync Programming Smart Technology Blogging Human Resources Document Management Data Loss IT consulting Wiring iOS Running Cable Information Data Breach Advertising Managed IT Service Legal Adobe Managed IT Services Website Mobile Device Debate Google Docs Reliable Computing Touchpad Computer Fan Managed Security Bloatware Licensing OneDrive Scam Amazon Microsoft Excel Dark Web Co-managed IT Screen Mirroring Employer Employee Relationship Branding Worker Commute File Sharing Operating Sysytem Lifestyle Distributed Denial of Service Nokia PDF Cast Ebay Scalability Files Windows 10s Computing systems WIndows 7 Nanotechnology Text Messaging Inbound Marketing eWaste Safety Storage How To Tablets Regulations Chromecast Hard Disk Drive Upgrades hack Root Cause Analysis HBO Value Training NFL Cameras Administrator best practices Consultant Cortana User Colocation CrashOverride IT Management The Blindside Of Science Company Culture Virtual Desktop Black Market Word Twitter Presentation Access data breach Touchscreen Bluetooth Legislation Best Available Hard Drive Settings WIndows Server 2008 Surge Protector IT Technicians IT Security Cleaning Windows Ink Television risk management 3D Printing SharePoint Uograde Experience Images Avoid Downtime Patch Management Keyboard Google Maps Teamwork Music Commerce Regulation Busines Continuity ISP Hiring/Firing Networking Software as a Service Near Field Communication Data storage Conferencing Microsoft Word Gifts Device Security Webinar Devices Taxes Credit Cards Mobile IT solutions Spyware Supercomputer Electronic Medical Records FAQ Professional Services IT Budget Charger IT service Reputation Wireless Charging Tutorial Domains WannaCry Evernote Microblogging Shadow IT Youtube Comparison Relocation Workers Buisness Sales Specifications Gift Giving Managed Service Provder Updates Webinar