The Federal Bureau of Investigation (FBI) has issued a warning to colleges and universities in the US after discovering that stolen employee network credentials and virtual private network access are being sold on public and cybercriminal forums.
The FBI has detected Russian criminal forums posting sensitive university information online since January, including screenshots of site access for “a few to multiple thousands of US dollars.”
It is feared that the data will be used to conduct cyberattacks on other private accounts owned by the students in hopes that victims share the same credentials across various platforms.
“If attackers are successful in compromising a victim account, they may attempt to drain the account of stored value, leverage or re-sell credit card numbers and other personally identifiable information, submit fraudulent transactions, exploit for other criminal activity against the account holder, or use for subsequent attacks against affiliated organizations,” the bureau cautioned in its advisory.
The stolen data was harvested through spear-phishing, ransomware, and other hacking methods.
The pace of cyberattacks against colleges and universities seems to have accelerated in recent years.
Historically Black institution Lincoln College permanently closed after 157 years, as it could not survive the financial challenges brought on by a recent ransomware attack and COVID-19.
“Lincoln College was a victim of a cyberattack in December 2021 that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections,” the school said on its website.
Michigan’s Kellogg Community College was also forced to temporarily shut down all five of its campuses after a ransomware attack on its systems and services. The school asked students and faculty to reset their passwords as investigations were conducted.