Service providers (SPs) are stepping up to the challenge of fending off cybersecurity hackers for their higher education customers, including universities. With IoT and 5G happening in real-time and in parallel, SPs are leading in the deployment race for effective cyber-defense systems.
While IoT security services are being added to an existing SP offering of cloud-based, managed services, higher education institutions are just the sort of customers who have a real emerging risk that they can mitigate with a little help from their CSP friends.
IoT in Higher Ed
Universities are increasingly relying on IoT devices to create smart campuses. While IoT is now popularly embraced in an effort to improve the learning experience and participate in the development of new and exciting research, it can also be used maliciously – from the annoying rogue student attack trying to change a grade, to ongoing, horrifying nation state campaigns to access cutting-edge intellectual property from US universities.
Given the broad range of IoT applications available today, not to mention those that will emerge in the future of academia, it’s critical that all student operated devices and university-owned data are protected from new cyber threat vectors.
An Opportunity for SPs
One threat type to be concerned about is attacks that are launched from machines or bots. Over half of all internet traffic is generated by bots — some legitimate, some malicious. Cyber attackers deploy “bad” bots that leverage different methods to achieve nefarious objectives. It is critical that a security solution understands the attacker source even when not just a human sitting at a desktop trying to access data without permission.
This requires a solution that use techniques like machine-learning, analytics, and behavioral analysis to detect automated attacks and misuse from botnets sprinkled all over the network.
Service Providers are catching on to protect their own infrastructure and their enterprise customers of all types. For example, NTT Security, a Top 100 MSSP last year, announced it had “integrated network analytics technology into its Managed Security Services (MSS). The technology helps MSS customers detect and defend against cyberattacks launched on botnet infrastructure.”
Although some higher education institutions, like Montana State University (MSU), have hired a Chief Information Officer and security staff to help sort through this threat, most of the 5,300 colleges and universities in the United States still need help. One subtle but important area that is growing in concern is the ability to deploy defenses that understand the latest generation of botnets that express human-like intent.
In Ed Tech Magazine, MSU CIO Jerry Sheehan explains that, “having a deep understanding of students’ intentions on the network helps the campus security team by making them more aware of an access request that seems out of place.”
Staying One Step Ahead
Most botnet attacks often go undetected by conventional mitigation systems and strategies because bots have evolved from basic scripts to large-scale distributed bots with human-like interaction capabilities to evade detection mechanisms. To stay ahead of the threat landscape requires more sophisticated, advanced capabilities to accurately detect and mitigate these threats. One of the key technical capabilities required to stop today’s most advanced bots is intent-based deep behavioral analysis (IDBA).
IDBA is a major step forward in bot detection technology because it performs behavioral analysis at a higher level of abstraction of intent, unlike the commonly used, shallow interaction-based behavioral analysis. For example, account takeover is an example of an intent, while “mouse pointer moving in a straight line” is an example of an interaction.
Capturing intent enables IDBA to provide significantly higher levels of accuracy to detect advanced bots. IDBA is designed to leverage the latest developments in deep learning.
Together, our academic institutions can work together with local communication and managed service providers to provide best-of-breed, automated and intelligent security solutions that can “fight fire with fire” and dispose of the most advanced security threats.