MIT Triumphs as the Most Insecure University in the US, Study Reveals
One of the foremost computer science and engineering schools, Massachusetts Institute of Technology (MIT) ranked at the very end of 485 colleges and universities analyzed and graded for IT security risks in a security benchmarking study.
In a press release, The 2015 Higher Education Security Report, conducted by security firm SecurityScorecard revealed several renowned universities to perform miserably in their overall security framework on the Internet.
Using a network of internet sensors and tools to benchmark the overall security awareness and posture of organizations, SecurityScorecard published the ‘Higher Education Security Report’, covering nearly 500 universities for the first time ever.
The top 10 most secure colleges and universities – an overall “A” grade with 97 % or higher, in order are:
- Merced Community College
- Concordia College
- Adams State University
- Centre College
- Henry Ford Community College
- University of North Alabama
- Golden Gate University
- University of Idaho
- Gannon University and,
- Pepperdine University
“The strongest security seems to be lesser-known institutions,” said Alex Heid, chief research officer at SecurityScorecard, speaking to DarkReading.
“It could be an indication that they are not as heavily targeted. A lot of the information we pull …is related to malware infections and exposures to botnets.”
MIT at the Bottom of the Pile
Surprisingly, it was one of the more renowned technologically-savvy schools that came out at the very bottom of the list for IT security risks – MIT.
One of the most prestigious and recognized schools of higher learning in the world, Massachusetts Institute of Technology, is not displaying strength in its security posture, said researchers at SecurityCard.
“With nearly 80,000 IP addresses discovered in the SecurityScorecard platform, the Cambridge college is showing a plethora of security risks, vulnerabilities, and weaknesses. To receive an overall ‘D’ grade, an organization needs to rank poorly in many of the 10 categories captured in SecurityScorecard. In this case, MIT has four ‘F’ grades, and two ‘D’ grades out of ten,” they added.
MIT was awarded an overall “D” grade in the report but performed worse with an “F” in four of the ten categories put together by the study. MIT also received three “A” grades in DNS Health, Web Application Security and Endpoint Security.
The list of Universities at the very end of the study, from the bottom, are:
- Massachusetts Institute of Technology
- New Mexico State University
- Cambridge University
- Temple University
- University of Virginia
- University of Southern California
- Boston University
- University of California – Riverside
- Louisiana State University and,
- University of Georgia
A common theme among the bottom ranked schools is the ‘exposure of passwords with university email aliases’ proving to be a commonly recurring vulnerability.
According to security company OpenDNS, schools and universities are up to 300% more susceptible to house malware in their networks than government agencies or businesses, based on information and analysis from data obtained from the security company’s network of over 50 million global users.
Images from Wikipedia and Wikimedia.