This spring, a batch of tests were sent to 100 Clemson University faculty and staff emails in an attempt to access private and personal information.
A fourth of the emails were blocked by the security system and several additional recipients alerted the university to the phishing attempt. But more than a dozen users provided their credentials in response to the email and malware was installed on six of the university’s computers.
For Hal Stone, Clemson’s chief information security officer, the results were an improvement from the past, but not good enough. Even one compromised user could be a problem, Stone said. If a person with access to important data is hacked, it could cause a disruption of business and classes at the university.
Clemson has to protect data for more than 30,000 people each day. The university has around 5,400 employees and nearly 25,000 students work or attend school there, according to the university’s 2018 fact book.
Universities, like so many other businesses, are spending millions to fend off hacking attempts each year. They have access to a range of personal information about their faculty and students, said Rich Burke, the vice president of business development for the security consulting firm Delta Risk and a senior fellow at George Washington University’s Center for Cyber & Homeland Security.
And research universities, such as Clemson, also store information about projects that involve the government. For example, since the 1980s, Clemson has handled data security for the South Carolina Department of Health and Human Services’s Medicaid program, Stone said.
That type of work presents a “pretty attractive target” for hackers, Burke said.
Clemson began contracting with the firm Protiviti in 2014 for auditing services and had the company conduct a cybersecurity ..
Support the originator by clicking the read the rest link below.
