Jul 28 2022

FBI Issues New Alert About Stolen Academic Credentials Found Online

The agency says colleges and universities should take steps to detect anomalies on their networks and prevent future attacks.

A little more than a year after first warning colleges and universities that they were being targeted by cybercriminals, the FBI is once again putting higher education institutions on alert.

In an advisory issued in late May, the nation’s top law enforcement agency said that login credentials from colleges and universities were being advertised in publicly accessible forums online, and that those credentials could be used by cybercriminals to attack “individual users or affiliated organizations.” The FBI said the credentials were located in Russian cybercrime forums as recently as January and that those credentials include access to virtual private networks.

Click the banner below to receive exclusive content about cybersecurity in higher ed.

Cybercriminals were likely able to gain access to the login information through a practice known as credential harvesting, the FBI said, which is often done through “spear-phishing, ransomware or other cyber intrusion tactics.” Those credentials could then be used en masse through “brute-force credential stuffing,” where attackers attempt to use the credentials on a number of sites.

In its advisory, the FBI recommends higher education institutions “establish and maintain” relationships with local FBI offices. The agency also made several recommendations around good cyber hygiene, including keeping operating systems and software up to date, training students and faculty on best practices, requiring multifactor authentication, and using “anomaly detection tools” to spot irregularities on networks.

As ransomware attacks on colleges and universities have swelled, experts continue to recommend a broad-based approach to cybersecurity, including endpoint protection and zero-trust architecture.

aaa 1

Register