Illegal Access to Expensive Library Resources

The Network: A mid-sized state university with multiple locations and 30,000 students.

The Expectation: The university library subscribes to expensive publications and bibliographic databases to support its research staff and students. These subscriptions cost several thousand dollars each year. Remote access is governed by EzProxy.

The Catch: Netsurion’s EventTracker detected a particular staff user accessing special databases in the library collection at unusual times and in heavy frequency. This usage pattern was inconsistent with expected behavior.

The Find: The user credentials were stolen and being used electronically by a former student. This is a classic case of unauthorized access-an outsider masquerading as an insider.

The Fix: Change the user password and continue monitoring usage patterns to seek out inconsistencies.

The Lesson: Employee offboarding procedures are crucial. Remote access to expensive resources, even successful ones, bear monitoring and detection by cybersecurity experts. Profiling typical usage patterns on high value systems helps identify out-of-ordinary usage.