Over the last year, the education delivery model has changed rapidly. Universities have learnt to operate entirely remotely and now that learning may resume in person, a hybrid education model will likely continue. The transition from physical to online models happened so quickly that it left many IT networks exposed to serious harm from outside forces. With a hybrid model, there is likely a widening attack surface area.
A recent spate of attacks suggests that cyber-criminals are taking notice of the seemingly infinite weaknesses in learning centers defenses. But why?
One of the primary reasons is that universities operate large corporate-sized networks, but without the budgets to match. Add to that, teachers and students aren’t given training to use and connect their technology in a safe way.
To avoid falling victim to devastating cyber-attacks which often have dire consequences, we share three lessons universities need to quickly take on board.
Your Research is Valuable to Cyber-Criminals
There is a hefty price tag on some of the research conducted by universities, which makes it particularly attractive to cyber-criminals. The University of Oxford’s Division of Structural Biology was targeted in February by hackers snooping around, potentially in search of information about the vaccine the university has worked on with AstraZeneca. It’s not just gangs of cyber-criminals targeting research facilities, last year Russian state backed hackers were accused by official sources in the US, UK and Canada of trying to steal COVID-19 vaccine and treatment research.
With world-leading research hidden in the networks of universities, its unsurprising that last year over half (54%) of universities surveyed said that they had reported a breach to the ICO (Information Commissioner’s Office). The research conducted by many UK universities makes them an attractive target for financially motivated cyber-criminals and state-sponsored hackers in search of valuable intellectual property.
To add insult to injury, ransomware attackers are doubling their opportunity for pay off by selling off the stolen information to the highest bidder, causing a serious headache for the victims while potentially increasing the value of their pay-out.
Personal Information of Students and Staff Can Easily Fall into the Wrong Hands
Based on tests of UK university defenses, hackers were able to obtain ‘high-value’ data within two hours in every case. In many cases, successful cyber-attacks are followed by not only a ransom note demanding payment for the recovery of frozen or stolen data, but also the added threat of sharing any sensitive stolen information with the public.
54% of universities have reported a breach to the ICO
With a combination of students, educators and other staff within universities – many of which haven’t been trained to recognize phishing emails – universities are subjected to millions of phishing emails a year. Attackers use phishing to break into university networks and sneak around, undetected, in search of data they believe has the highest value – both to the victim and to other cyber-criminals who might pay good money for it. Quite often, this information is sold or published on the dark web, which can lead to staff and students becoming victims of further crimes, such as identity theft.
Universities can combat this with regular penetration testing – a process whereby security professionals act on your behalf to find and test weaknesses that criminals could manipulate. There are also a number of training tools such as Sophos Phish Threat which simulates an attack to test and educate end users.
A Cyber-attack Can Knock Everything Offline
Higher education facilities continue to be a concern for the UK's cybersecurity agency, as cyber-attacks have been steadily on the rise in this sector. In March of this year, the NCSC shared a renewed warning to education facilities following a spate of ransomware attacks against academic institutions in February – a trend that seems to be ongoing with at least one university being hit each month in 2021.
With some students still studying remotely, an attack could see students left sitting at home, unable to access course materials, online tools and any of the other resources they need to get on with their work. For university students paying £9,000 a year and facing some of the most important exams of their lives, the implications of a cyber-attack are enormous on both a financial and personal level. Along with the crippling costs of getting online services back up and running, the reputational damage can have dire financial consequences for universities which rely on students for income.
One of the most effective ways to protect staff and students is with preventative action, such as Sophos Managed Threat Response which hunts down cyber-criminals on the network and takes targeted action before they have the chance to cause harm. Better still, with greater cyber awareness and security training, universities can reduce the chance of attackers breaking into their system in the first place.
With their budgets stretched in every direction, cash-strapped universities will be asking themselves if they can afford to invest in top of the range cybersecurity defences. Unfortunately, with the threat only growing, they really need to be asking themselves if they can afford not to.
