The Root Causes of Compromised Accounts at the University

Philip Nyblom, Gaute Wangen, Mazaher Kianpour, Grethe Østby

2020

Abstract

Compromised usernames and passwords are a continuous problem that several organizations struggle with even though this is a known problem with known solutions. Passwords remain a problem for the modern University as it struggles to balance the goals of academic openness and availability versus those of modern cybersecurity. Through a case study, this paper researches the root causes of why compromised user accounts are causing incidents at a Scandinavian University. The applied method was root cause analysis combined with a socio-technical analysis to provide insight into the complexity of the problem and to propose solutions. The study used an online questionnaire targeting respondents who had their accounts compromised (N=72) to determine the probable root causes. Furthermore, the socio-technical approach consisted of the Security by Consensus model to analyze how causes interact in the system layers. We constructed a scoring scheme to help determine the plausible root causes of compromise, and here we identified password re-use across multiple sites (41.7%) as the most probable cause of individual compromise, followed by weak passwords (25.0%), malware infections (19.4%) and phishing (9.7%). Furthermore, the socio-technical analysis revealed structural problems, especially at the ethical-cultural and administrative-managerial layers in the organization as the primary root causes.

Download


Paper Citation


in Harvard Style

Nyblom P., Wangen G., Kianpour M. and Østby G. (2020). The Root Causes of Compromised Accounts at the University. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 540-551. DOI: 10.5220/0008972305400551


in Bibtex Style

@conference{icissp20,
author={Philip Nyblom and Gaute Wangen and Mazaher Kianpour and Grethe Østby},
title={The Root Causes of Compromised Accounts at the University},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={540-551},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008972305400551},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - The Root Causes of Compromised Accounts at the University
SN - 978-989-758-399-5
AU - Nyblom P.
AU - Wangen G.
AU - Kianpour M.
AU - Østby G.
PY - 2020
SP - 540
EP - 551
DO - 10.5220/0008972305400551