For Sale: Academic Credentials
The cyber division of the Federal Bureau of Investigation (FBI) has published a notification, warning US colleges and universities that education and learning qualifications have been marketed for sale on the Dark Web and on online legal marketplaces and sites.
The warning targets universities, colleges, and higher education institutions that credentials have been advertised for sale on Dark Web criminal marketplaces.
This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organisations. Cyber actors continue to conduct attacks against US colleges and universities leading to the exposure of user information on public and cyber criminal forums.
Credential harvesting against an organisation is often a result of spear-phishing, ransomware, or other cyber intrusion tactics.
According to the FBI, the credentials were discovered in January of this year for sale on a Russian cybercrime forum. The credentials pertained to several American universities and colleges across the country. The FBI reported that prices ranged from a few dollars to multiple thousands.
The same document suggested that in May 2021, over 36,000 email and password combinations (some of which may have been duplicates) for email accounts ending in .edu were found on a publicly available instant messaging platform.
The FBI notification also mentioned that the exposure of such sensitive credential and network access information is very detrimental to the institutions as it could lead to cyberattacks against individual users or affiliated organisations.
Higher education institutions should be wary of the threat and change passwords, as well as be diligent with security measures such as two factor authentication. Attackers could attempt to breach credit cards or gain access to other personally identifiable information, submit fraudulent transactions on behalf of the institution, exploit other criminal activity, or launch subsequent attacks.
The FBI explained that the credentials were obtained via spear-phishing, ransomware, or cyber intrusion tactics. To mitigate these threats, the document called for colleges, universities, and all academic entities to establish and maintain strong relationships with the FBI Field Office in their region.
IC3: Malwarebytes: Oodaloop: Infosecurity Magazine: FBI Cyber Div: TEISS: Campus Technology:
You Might Also Read:
Beware Of Credentials Phishing: