14 DAY TRIAL // Recent data compiled by security vendor Sentinel IPS shows that computers on educational and government networks are far more susceptible to malware infections when compared to small-to-medium businesses (SMBs).
Sentinel ISP compiled the report using telemetry data received from its security products and with historical info from its CINS (Collective Intelligence Network Security) database.
According to their team's findings, Internet-connected networks in the educational and government sectors are much more vulnerable to malware infections.
The study showed that these networks accounted for 95% of all Kovter infections and were four times most likely to be contaminated with CryptoWall ransomware.
Additionally, 77% of all critical check-in alerts originated from these networks, check-in meaning the actions of malware trying to contact its C&C server or an attempt to exfiltrate data.
Kovter, CryptoWall, and BrowseFox are the most common infections
Sentinel ISP also reveals that the Kovter information stealer, the CryptoWall ransomware, and the BrowseFox adware were the most common infections in these two sectors.
An explanation for why educational and government networks are more vulnerable when compared to SMBs is "accountability."
The FTC can hold companies responsible for data breaches or other security incidents when evidence exists that no security practices were in place. The same thing cannot be said for the government sector.
While educational institutes can be sued and sanctioned by the FTC, since most of them are private entities and not state-associated, these institutions are known to have lower-tier security measures put in place, along a scattered network and a high bandwidth that makes it a very attractive target for botnet operators.
This means that broad-scope attacks usually tend to be more effective in the two aforementioned domains, despite the fact that the data in SMBs is more valuable on the black market.
