CBJ Report: UI among biggest targets for university phishing

    The Old Capitol building on the University of Iowa's campus. (Photo courtesy: University of Iowa/Flickr)

    UI among biggest targets for university phishing

    When it comes to cybercrime and phishing attacks, it's not just institutions with sensitive customer data, like banks and hospital systems, that need to be vigilant: Colleges and universities, including the University of Iowa, have become popular targets, as well.

    Moscow-based cybersecurity and anti-virus firm Kaspersky Lab reports that it has registered 961 attempted phishing attacks against 131 universities in 16 countries over the past year. It ranked the University of Iowa as the third-most targeted institution during that time, accounting for 49, or 5.1 percent, of all attempts observed by the organization.

    The University of Washington was the most targeted, attracting 11.6 percent of phishing attempts tracked by Kaspersky. Cornell University in New York state was second, with 6.8 percent.

    In most cases, attackers send an email with a malicious link, or create a webpage for entering logins and passwords to university network platforms that are visibly identical to the authentic ones.

    In a statement, UI Chief Information Security Officer Shari Lewison said university officials are unfamiliar with the research methods used by Kaspersky, but said they have seen six phishing attacks similar to the ones described in the lab's report since September 2017. The university's Department of IT Services also hosts a listing of all phishing examples it has seen on campus, including those claiming to be from UIOWA Support, UIOWA.EDU and webmaster@uiowa.

    To provide context, the UI receives approximately 1.2 million emails a day, Ms. Lewison said, and 60 percent are identified as potentially malicious and prevented from entering the university's system. The number of self-reported phishing emails received represents just .05 percent of the email entering the university's system.

    "We have a number of safeguards in place to protect our employees from having their accounts compromised and additional measures in place to prevent unauthorized access to systems and data," Ms. Lewison said. "Due to the constantly changing threats, we continuously assess how we protect our students, faculty and staff from being victims of phishing attacks."

    No data breaches have been reported as a result of the phishing attempts at the University of Iowa, and educational efforts to teach faculty, students and staff about the dangers continue. The university has also implemented two-step authorization for several employee and student portals, Ms. Lewison said, and are working to implement it with the university's email systems.

    The stealing of academic research and intellectual property through cyber attacks is a growing problem. Nine Iranians were charged for a massive, state-sponsored cyber theft campaign that successfully compromised 8,000 professor email accounts at 144 U.S.-based universities from 2013-2017, the U.S. Justice Department announced in March.

    CR picks MW Properties of IC to redevelop Kingston site

    The Cedar Rapids City Council has selected a five-story apartment building submitted by MW Properties of Iowa City for redevelopment of a flood buyout property north of Dash Coffee Roasters on Second Street SW.

    The proposal calls for a five-story building with 45 apartments and a rooftop garden. A mix of efficiency, one-bedroom and two-bedroom market-rate units with balconies will be offered, along with 47 parking spaces, some of them on an adjacent property, Community Development Director Jennifer Pratt told the council at its Oct. 23 meeting.

    The proposal was one of five submitted to the city council, and received heavy media interest because of the involvement of Nate Kaeding, the standout kicker for the Iowa Hawkeyes who returned to become a local entrepreneur (and CBJ contributor) after a career in the NFL. MW has experience developing infill projects in the Iowa City market, Ms. Pratt said.

    The city council praised the project's contemporary design and 360-degree format that lends an attractive appearance from all sides. Council Member Ashley Vanorney said the design "hits the ball out of the park in terms of what we're asking for in our future projects." However, she urged developers to offer some affordable as well as market-rate units.

    City staff will negotiate with MW Properties and return to the council in 30-60 days with a proposed development deal for the city-owned site, Ms. Pratt said.

    Plans for North Liberty dive shop include indoor pool

    Plans are taking shape for a North Liberty retail store with its own indoor pool.

    Diventures, a retail chain specializing in scuba gear, instruction, apparel and travel service, has submitted plans to the city for a new swimming and scuba diving education center at 1895 W. Penn St., located at the southeast corner of West Penn Street and Penn Court.

    The new facility will have a contemporary design resembling the Diventures center in Omaha where the chain is headquartered, although it will be somewhat smaller, according to JoAnn Haack, retail program director for the North Liberty store.

    The location would make Diventures the first scuba store in the Corridor market to have a pool on premises, she said, enabling the center to offer onsite instruction at convenient times and help customers learn which gear is suitable before traveling to a dive destination. Dive shops typically have to book off-hour time to provide lessons at public, school or hotel pools.

    Diventures opened its current 1,000-square-foot store at 555 Highway 965 S., Suite C, North Liberty, on Jan. 20, 2018. The site plan for the project in the Liberty's Gate subdivision calls for ingress and egress from Penn Court, and was approved by the city council this month.

    News In Photos

      Loading ...