With interest in Artificial intelligence (AI) soaring, we were curious to determine how well a very popular ‘generative AI’ tool, ChatGPT, could perform at identifying the leading causes of cybersecurity incidents experienced by universities. [1] We chose universities as the setting for our query because they are amongst the most complex technology environments, often embracing diverse, decentralized technologies and supporting the needs of disparate user communities such as employees, faculty, students, alumni, and visitors.
We asked ChatGPT: “What are the top causes of cybersecurity incidents on college campuses?”
Overall, while all the six causes of cyber incidents that ChatGPT identified were valid examples of common risks, based on our experience working with universities, not surprisingly, they were not necessarily the top risks that we see.
ChatGPT, like other generative AI platforms, is consigned to learning from reams of historic, broadly generalized information from available public sources. To understand and prioritize cybersecurity threats requires greater context and a more refined perspective of what can go wrong and would necessitate access to data that is not usually broadly available, due to its sensitive nature.
What we have learned is that while it does not seem likely generative AI will be taking over the jobs of security professionals anytime soon, we can expect it to become an increasingly more popular tool for pinpointing, and hopefully helping to address, cybersecurity risks.
According to ChatGPT, the top cause of cyber incidents is phishing attacks.
“Phishing is a type of cyber attack where criminals send emails or messages that appear to be from a trusted source to trick users into revealing sensitive information or downloading malware. College campuses are often targeted by phishing attacks because they are home to a large number of potential victims who may be less experienced with identifying and avoiding these types of attacks.” [2]
We agree
Based on our experience working in higher education, while universities are implementing standards such as Domain-based Message Authentication, Reporting & Conformance (DMARC) and tools like Proofpoint, as well as performing phishing simulation tests and trainings to prevent attacks, phishing (along with messaging-based ‘smishing’ attacks) remains one of the top causes of cyber incidents.
According to ChatGPT, the second top cause of cyber incidents is weak passwords.
“Weak passwords make it easier for hackers to gain access to sensitive information. College campuses are often vulnerable to this type of attack because students and staff may use the same password across multiple accounts or fail to change their passwords frequently.” [2]
We disagree
Many universities are implementing multi-factor authentication (MFA) solutions, which relieves the burden on passwords as the only means of identification, resulting in decreased risk of a successful attack by way of compromising a user account. Alternatively, unsecured portable devices, such as thumb drives as an example, remain an ongoing risk. Users still rely on portable storage devices, which can be easily lost or stolen, to access, store, or share sensitive data. Far too often, these devices lack the password protection and encryption that are typically used on university-controlled laptops and cell phones.
According to ChatGPT, the third top cause of cyber incidents is unsecured networks.
“Unsecured Wi-Fi networks on college campuses can be an easy target for cybercriminals. Hackers can easily intercept unencrypted data transmissions and gain access to sensitive information, such as usernames and passwords.” [2]
We disagree
Many universities have deployed secure Wi-Fi networks for students, staff, and faculty to utilize for access to their school’s network, as well as providing guest networks that visitors must register to use. With unsecured networks becoming less of an issue, we would instead point to unsecured vendors and software providers as a top risk. Numerous incidents have resulted from third-party software, which may have access to a university’s network or process their data, becoming corrupt and spreading malware or getting hacked and exposing personal information.
According to ChatGPT, the fourth top cause of cyber incidents is outdated software and hardware.
“Outdated software and hardware can create vulnerabilities that hackers can exploit. College campuses often have large networks with many different devices, which can make it difficult to keep everything up-to-date.” [2]
We disagree
In an environment as complex as a university’s, keeping all software and devices updated with the latest software versions can be a substantial challenge. To offset this risk, universities are implementing managed detection and response (MDR) tools to monitor and detect threats that would otherwise take advantage of these vulnerabilities. What remains a risk, because it is much harder to detect, is sensitive data or personal information becoming exposed due to misconfigured web applications, databases, or cloud storage where settings allow the data to be publicly viewable. In these circumstances, information that should be kept private becomes readily viewable by anyone that stumbles upon it.
According to ChatGPT, the fifth top cause of cyber incidents is insider threats.
“Insider threats refer to cyber attacks perpetrated by individuals who have authorized access to a system or network. This could include students or staff members who intentionally or unintentionally compromise sensitive information.” [2]
We disagree
For cybersecurity professionals, the term ‘Insider threat’ typically implies malicious theft, destruction, or misuse of data. In educational settings, more often than this, well-meaning faculty and staff may be guilty of oversharing either to be helpful or by accident (e.g., hidden rather than deleted data in workbooks), or even through careless misuse of step-saving tools, such as mail merging functionality.
According to ChatGPT, the sixth top cause of cyber incidents is a lack of cybersecurity awareness.
“Many cybersecurity incidents on college campuses are the result of human error. Students and staff may unknowingly download malware or fall victim to phishing scams if they are not aware of the risks and how to avoid them.” [2]
We agree
When individuals lack risk awareness and an understanding of their security responsibilities, there is a greater potential for errors in judgment. In an environment such as a university, where collaboration and sharing are highly valued, if users grasp the importance of security, they will be more likely to ignore rules and find workarounds to circumvent practices intended to protect the school and their community. It is critical to have a robust cybersecurity awareness and training program to ensure all users have the tools they need to identify, prevent, and report potential risks.
[1] https://www.weforum.org/agenda/2023/02/generative-ai-explain-algorithms-work/
[2] ChatGPT Feb 13 Version. Free Research Preview. On March 1, 2023, response to query: “What are the top causes of Cybersecurity incidents on college campuses?”
Click Here For The Original Source.
————————————————————————————-