Local Governments and Educational Institutions Nearly Twice as Vulnerable to Malware, Ransomware according to Sentinel IPS Report

Share Article

Analysis of over 30 million security alerts reveals SLED industry IT networks lacking proper internal controls and protections to address security threats.

Sentinel IPS Logo

Sentinel IPS Logo

In today’s world of cybercrime and 24/7 threats, SLED industries unfortunately face the same types of threats as large enterprises – but they are trying to battle those threats with smaller teams and shoe-string budgets.

At a time when network security is more in the spotlight than ever, two industries that the public expects to keep its data private — State and Local Government and Education (SLED) — are nearly twice as likely to be infected with malware or ransomware and four times more likely to be infected with Cryptowall, according to new data released by active threat management system Sentinel IPS.

After evaluating over 30 million Collective Intelligence Network Security (CINS) alerts from its users around the world, Sentinel IPS found that 67 percent of government networks and 72 percent of education networks triggered critical malware or ransomware alerts, compared to just 39 percent of non-SLED networks triggering similar alerts.

“In today’s world of cybercrime and 24/7 threats, SLED industries unfortunately face the same types of threats as large enterprises – but they are trying to battle those threats with smaller teams and shoe-string budgets,” said David Lissberger, chief executive officer of Sentinel IPS.

But it wasn’t just in critical alerts where SLED industries led the way. Sentinel IPS found that regardless of threat severity, SLED IT networks were at considerably higher risk than other industries. That was especially true of educational networks, which accounted for nearly a third of attempted cyber attacks despite representing only seven percent of the sample set.

Additional takeaways from Sentinel IPS’ analysis include:

  •     SLED networks – representing 32 percent of the sample size – accounted for 77 percent of critical extrusion prevention system (EPS) check-in alerts.
  •     Ninety-five percent of all Kovter attacks were in SLED networks. These infected machines attempted to utilize hundreds of command and control servers in over 100 different countries.
  •     BrowseFox alerts were triggered by 67 percent of education networks and 23 percent of government networks, compared to only five percent of non-SLED networks. In total, BrowseFox infections resulted in over 1.3 million alerts.
  •     Preventing or removing a BrowseFox infection should be easy, yet 33 percent of these networks are infected, making BrowseFox nearly seven times more likely to be found on a SLED network.

With new threats emerging every day, Sentinel IPS challenges SLED organizations to have the right security architecture in place, adopt an ‘assume breach’ mentality and use living, breathing threat intelligence tools as an added layer of protection.

“No matter the industry, IT and security professionals need to rethink visibility at every layer of the network, know what’s happening at endpoints, and use the right IPS and network monitoring tools to know what is egressing the network,” said Lissberger. “As hackers become more sophisticated every day, IT must stay one step ahead of those lurking at the network’s door.”

Sentinel IPS’ data was collected from a sampling of users over the course of July 1 through November 9, 2015, and included over 30 million threat alerts from 235 countries. An infographic illustrating Sentinel IPS’ research and key trends can be found here.

To help government IT teams combat the latest cyberthreats, Sentinel IPS released a new educational resource outlining six security misconceptions and how they can be addressed. This free eBook can be downloaded here.

About Sentinel IPS
Sentinel IPS relieves the burden of security for IT teams and offers peace of mind with managed intrusion prevention and detection systems, with the added layer of its propriety protection, Collective Intelligence Network Security (CINS). Its active threat management system is the extra staff member you need – but one that never sleeps. Sentinel IPS is backed by a passionate team of professionals who know and understand you and your organization, responding with exactly what is needed. To learn who’s knocking on your network’s door and discover if internal hosts are compromised, try Sentinel IPS’ free 14-day trial by visiting sentinelips.com/free.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Liz Cies
Idea Grove
+1 972-850-5855
Email >
@SentinelIPS
since: 01/2010
Follow >
Visit website