HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Universities are natural targets for cyber criminals

A major state university is currently notifying as many as 160,000 students that their personal information (including social security numbers) might have been accessed in 2008. Complicating matters, the breach wasn't discovered until a year later.

It used to be that universities were natural targets for attackers because of the student body itself. Defacing a web site was a fun game for script kiddies, and anybody that could achieve a 'Ferris Beuller' would head to the top of the class, quite literally.

Now, though, it's no longer fun and games (if it ever really was). State and federal budget cuts have impacted security as well as everything else, and large universities offer more attack 'bang for the buck' than almost any other target out there. Natural student turnover via graduation, transfer, and dropping out only increases the amount of information and personal data stored and accessible for who knows how long. In this case, some of the records went back to 1999.

I'm sure in 10 years we will still be seeing attacks that breach data that old. Long story short, universities should realize they are ground zero as far as criminal cyber attacks go. The irony is that the cost of notification will often be more expensive than what the criminals ultimately gain from fencing the data.

| ‎07-08-2009 06:32 PM


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.