Risk Level: MODERATE
Method of entry:
Small Application / script payload / website link / email or spam
How it works:
Small, ever-changing random payload scripts are carried in quietly, usually on the back of an email, USB file, freeware program, Facebook-looking invite, shared movie file, shared audio torrent, etc.
Method of deployment:
Deployment is slow: the payload will not replicate itself and set off warning signals. Instead it sits quietly in its random form, listening, learning, and keying every website and keystroke. Eventually the most complex can initiate simple web sessions and “post” the data in the background, using open web ports, to the hackers' servers. From there the data is sourced and filtered, then used and sold depending on the quality.
Desktops and laptops contain user logon information to what matters: data, bank information, credit information, identity. Hackers know this and realize that network hacks are becoming complex and difficult. Hackers are like electricity: they take the path of least resistance, and right now it seems the end-point is the place. Why try to hack through huge defenses when you can ride in and learn all the passwords through an unprotected trusted employee?
Who is doing it:
Primarily out-of-country hackers, using open source software. Thousands of faceless hackers work to develop and implement cross-border attacks, as enforceability is non-existent.
Why it can be a substantial threat:
It is not stopped by the traditional methods of blacklist AV and anti-malware. These technologies must first identify a “match” before they can block a threat. What if the threat keeps changing, keeps morphing, and randomizes?
How to mitigate:
The trillion-dollar question is how to mitigate. Ironically, that is the kind of loss we are talking about if this is not handled. The impact on every organization is significant and should be top of mind. Technical Recommendations: We recommend software that limits payload deployment. Using a whitelist to identify which payloads or applications can run is a safe layer of defense, as most randomly created threats and applications fly right through AV. Executable whitelisting is simple and easily managed from simple server software.
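The contrast between blacklist matching and executable whitelisting described above, as an added example that is not part of the original page. It assumes the blacklist is modeled as an exact SHA-256 match (a simplification of real AV signatures); the function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large executables are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def blacklist_allows(path, known_bad):
    """Blacklist model: anything that does not match a known-bad hash may run."""
    return sha256_file(path) not in known_bad

def whitelist_allows(path, approved):
    """Whitelist model: only files approved in advance may run (default deny)."""
    return sha256_file(path) in approved

def demo():
    """Run both models over constructed sample files; returns {label: (blacklist, whitelist)}."""
    with tempfile.TemporaryDirectory() as d:
        def write(name, data):
            p = os.path.join(d, name)
            with open(p, "wb") as f:
                f.write(data)
            return p

        # Constructed stand-ins, not real binaries: an approved tool, a payload
        # already seen by the blacklist, and a "morphed" copy with changed bytes.
        tool = write("approved_tool.bin", b"APPROVED-TOOL-v1")
        payload = write("payload_a.bin", b"PAYLOAD" + bytes([0, 0, 0, 0]))
        morphed = write("payload_b.bin", b"PAYLOAD" + bytes([7, 3, 9, 1]))

        known_bad = {sha256_file(payload)}  # signature of the sample seen so far
        approved = {sha256_file(tool)}      # inventory of sanctioned executables

        files = (("tool", tool), ("payload", payload), ("morphed", morphed))
        return {label: (blacklist_allows(p, known_bad), whitelist_allows(p, approved))
                for label, p in files}

if __name__ == "__main__":
    for label, (bl, wl) in demo().items():
        print(f"{label:8} blacklist_allows={bl!s:5} whitelist_allows={wl}")
```

The morphed file passes the blacklist because its hash has never been seen, while the whitelist denies it without needing a match.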
Lewis and Clark Community College is a two-year community college located in Godfrey, Illinois, approximately 30 miles north of St. Louis. As a leading educational institution in southern Illinois with an annual enrollment of more than 12,000 students, Lewis and Clark Community College prepares students for four-year colleges and universities. The college also serves the community by offering comprehensive educational opportunities and rich cultural experiences.
Lewis and Clark has approximately 2,000 workstations deployed campus wide across twenty-eight computer labs. Supporting this information technology infrastructure are six IT personnel, two of whom are Denise Erwin and Princess Baehler. Both are Computer Support Specialists at Lewis & Clark, and are responsible for maintaining all computer hardware, software, and peripherals. They also provide help desk support via email and phone, and are responsible for sourcing out new hardware and software products to meet the needs of the college. One day, while searching for Deep Freeze updates on Faronics’ website, Denise came across Faronics’ classroom technology management software, Insight. After reviewing Insight with Princess, they both knew they had found the solution to the problems the technology instructors were battling.
“Before we started using Insight, we faced numerous problems in our computer labs,” says Mary Lou Watson, an Internet Course Technician and Part-Time Instructor at Lewis & Clark Community College. “As instructors, we constantly endured student mouse click activity while trying to teach the class. Instead of paying attention to the course material, students were surfing the Internet.”
When the use of the Internet was required as part of the curriculum, instructors also faced difficulties. “Having all the students in the class open their browsers and visit a particular page on a website sounds simple enough, but as with many things it’s easier said than done,” says Georgia Voils, another Internet Course Technician at Lewis & Clark Community College. “Whether it was having the students open a website and then navigate through to the required page, or try and have them type in a complex URL, both left too much room for error and confusion. It was very frustrating for instructors to have limited class time wasted on trivial matters such as this.”
Insight Delivers Total Classroom Control To Teachers
After the IT personnel and instructors at Lewis and Clark Community College evaluated Insight, they knew it was the solution they needed. The decision was made to deploy Insight in every computer lab—approximately 2,000 computers across campus.
Faronics Insight enabled the instructors of Lewis and Clark Community College to harness the educational and productive aspects of their computers while minimizing classroom distractions. Teachers now had the ability to share their screen with students, provide remote assistance to students from a central console, and monitor classroom screens to ensure students are on task. Students also appreciated the benefits of Insight—they could request and receive help directly in their workstation session, and have their voice heard confidentially through computer-based classroom voting. Whenever instructors needed to capture student attention quickly, they could do so by disabling application and Internet access, or by blanking student screens.