Universities targeted for cryptojacking by both hackers and students, claims IT security firm

Higher education sector not doing enough to combat IT security risks, claims Vectra

Universities have been warned about students running cryptocurrency mining operations on academic networks as one of the key security risks targeting the sector.

According to cyber security firm Vectra, it is not just hackers targeting university systems to run cryptocurrency mining campaigns, but students looking to make extra cash by exploiting their inside access to university networks.

A new report from Vectra suggests that university IT systems are increasingly falling victim to crypto hackers. It analysed a variety of sectors, but education was the most badly affected, it claimed.

In total, Vectra explored 4.5 million connected devices and 246 organisations. On average, there were 165 infected devices and 1,403 malicious activities per 10,000 systems.

The C&C activity rate among education organisations is four-times higher than the industry average

The firm tracked 3,715 malicious events and 542 compromised devices in the higher education sector. Engineering came second, with 2,918 detections across 10,000 devices.

Vectra claims that the higher education industry is predominantly affected by command-and-control (C&C) attacks, while reconnaissance activity dominates engineering.

Currently, the C&C activity rate among education organisations is four-times higher than the industry average. For this type of threat, the firm recorded 2,205 instances, compared to 460 detections for other sectors.

Botnet activity is also widespread in higher education, with Vectra logging 151 detections. That is five times the industry average, which is currently at 33 detections.

"These opportunistic attack behaviors leverage devices for external gain, such as bitcoin mining or outbound spam," it said.

"These early attack indicators usually precede other stages and are often associated with opportunistic botnet behaviors in higher education," explained the report.

Meanwhile, the government and technology industries posted the lowest detection rates. There were 496 and 349 detections per 10,000 devices, in total.

"This could indicate the presence of stronger policies, mature response capabilities, and better control of the attack surface," suggested Vectra.

The researchers added: "Corporate enterprises enforce strict security controls to prevent cryptocurrency mining behaviours. However, universities do not have the same luxury with students."