>Why Is Higher Education the Target for Cyber Attacks?

Why Is Higher Education the Target for Cyber Attacks?

By | 2019-09-05T13:04:26-07:00 June 24th, 2019|

Why is higher education the target for cyber attacks?

Higher education cyberattacks threaten the security of schools’ intellectual property and students’ personal information. Because universities must have an open network for their students and staff to access, hackers have multiple doors to enter the system. With so much sensitive data at risk, universities must take proactive measures to prevent attacks through threat detection software and other system upgrades. These enhancements must also adhere to many regulations. Finding a balance in preparing your system is key to thwarting security breaches.

Table of Contents

University Cyberattacks: Why Do They Occur?

Higher education institutions face unique threats in their data security. Hackers specifically target universities for the sensitive information stored in their systems. Unlike retailers, whose information typically includes credit card numbers and other customer statistics, universities often hold proprietary research data in their operations.

Chinese hackers targeted 27 universities to try to steal their research findings used for the U.S. military. The hackers coordinated their efforts in April 2017 to find and breach the systems of institutions that researched undersea technology. As of March 2019, none of the schools admitted to having their systems compromised in this attack.

Aside from the information stored in university computers, attackers can also take advantage of the system’s more extensive network to hack into other systems through phishing emails or spam. A listing of the students, faculty and staff at a university with their email addresses becomes a valuable resource for phishing schemes that attempt to gather sensitive information by sending fake emails to users.

Cyber attacks on universities also occur frequently not because the systems lack protections, but because they are so large and complex that implementing those protections becomes difficult. With students logging into the system from cell phones, the least secure form of access, and computers using a variety of operating systems, keeping the software on all these options updated is impossible. Untethered phones, or “jailbroken” phones, are even less secure than other smartphones.

Controlling the software and hardware used to access the university’s network is too large a task for most IT departments. Even if all users logged in with the same secure computers, the system would still face cybersecurity threats.

Because schools hold such vast amounts of highly sensitive information in research and personal data, IT professionals must concern themselves with both preventing and responding to cyber attacks. As prevention methods improve, hackers increase their sophistication, adapting to changes in cybersecurity software and policies.

Protecting your higher education institution’s information needs to become a prime object for your IT office. Without a plan, you could find your office trying to recover from a major data breach.

Information Security Challenges in Higher Education

Information Security Challenges in Higher EducationHigher education institutions face unique security challenges not seen in other sectors. IT departments must face these potential areas of risk and find ways to reduce the threats of attacks on the highly sensitive information stored in university networks.

A large university may have hundreds of thousands of users at any given time. These users may access the system through less secure hardware such as smartphones or legacy computers. Older equipment may not have the specs needed to install the latest software updates, leaving them vulnerable to hacking.

2. Lack of Research Visibility for IT Staff

When it comes to research, universities hold their findings close, so much so that even the IT staff have little knowledge of these critical parts of the system to protect. While research departments will not want to have entire IT departments to know about their studies, essential members of IT still need to understand how to secure the information.

The IT department cannot take measures to secure research data it does not know about. Communication between researchers and IT security should be a part of the planning process for any highly sensitive research at the institution.

3. Open Culture

The task of universities is disseminating information to students, and the method most students use to access at least some of this information is through the school’s network. Weak passwords and too many users with access to too many areas poses a severe security threat.

While locking students out of the school’s network is not feasible, requiring strong passwords and educating all system users on avoiding creating openings can prevent cyber attacks. System users need regularly updated emails, teaching them to avoid phishing schemes and how to spot them.

Encourage students and staff to report any possible fake emails or messages to the IT department and investigate the matter to see if a security breach occurred. While a culture of open information contributes to the sharing of knowledge on university campuses, left unchecked, it can also pose problems for the network. Be prepared to educate students, faculty and staff on how to be better network users to keep the system safe for everyone.

4. Regulatory Compliance

Because institutions deal with regulations governing the various forms of data they handle, ensuring compliance with all rules should be a priority in setting up system security. Medical service data for students and staff must conform to HIPAA policies, while other types of information have to adhere to regulations from FERPA, PCI and Sarbanes-Oxley.

Creating secure systems that hold to these various requirements requires both planning and balance to optimize security without sacrificing usability.

5. Public Relations Problems After Cyber Attacks

Cyber attacks almost always become big news stories. When that happens, public relations problems can become a nightmare for an affected university. News coverages won’t stop after the initial attack, either. The story will reemerge in the public eye at various steps of the investigation.

Even schools not directly involved in a cyber attack will still face a barrage of questions from students, faculty and staff about the school’s plan to protect their information.

Communication becomes vital in the aftermath of a security breach. Those at the affected school need to know about the information taken and how they can protect themselves. For nonaffected schools, use the opportunity to send out information on how users can make the network safer by not sharing passwords, using hard-to-crack passcodes and recognizing phishing.

Having a public relations plan before an attack occurs will help reduce the chances of future incidents while reducing the effects of the negative press on the school.

6. Third-Party Vendors

Not all universities use third-party vendors for software or website creation, but those who do open the school to a new risk. In 2017, SchoolDesk, a school web hosting company, was breached, which allowed hackers to the deface the Bloomfield Public School District’s website. This event highlights the problems of using third parties.

Universities must thoroughly vet any third-party groups they choose for creating their networks or websites. Assurance of the security policies that groups use will help the school to have a safer system. Even with these assurances, universities should continually monitor their networks for any evidence of security breaches or data leaks.

Higher Education Security Breaches

Security breaches happen with frightening regularity in higher education. These incidents illustrate the need for IT departments to embrace a proactive stance against cyber attacks. Some of the most recent events have shown the different ways hackers enter systems and use the breach in a variety of ways.

In the Bloomfield Public School System incident, hackers didn’t steal information but successfully posted an ISIS video to the school system’s website for two hours before IT experts could remove it. The ability to remotely access the system and insert a video onto the website illustrated a novel approach to how hackers have used their access to school systems.

The Chinese attack on research schools in 2017 illustrates the extent that even foreign hackers will go to gaining information from university databases. By recognizing how attractive the proprietary research information is, IT staff can begin to build an increasingly secure system to protect it.

Security breaches happen with frightening regularity in higher education.

In Florida, university and college presidents received cyberextortion emails. These notes requested Bitcoin payments to prevent shootings or bombings at the schools. With regular news reports of school shootings, institutions cannot ignore such threats. The schools did receive word from the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) about the false nature of these messages and did not pay.

Other common reasons for security breaches include identifying vulnerabilities in the system, exploiting information and modifying data. Though most think of how hackers use the data found, the variety of means they do this by needs additional consideration. The open nature of higher education institution networks makes them even more vulnerable to exploitative attacks, including:

  • Spoofing: An attacker will send out emails impersonating a trusted person or entity.
  • Sniffing: Subtler than spoofing, sniffing is a means hackers use to take over and evaluate network traffic.
  • Hijacking: Hijacking happens when an attacker takes over one end of digital communication between individuals.
  • Man-in-the-middle: Similar to hijacking, man-in-the-middle occurs when attackers intercept digital communications between parties to read or alter them. Neither party knows about the interceptions, which the hacker can use for false authentications.
  • False authentication: Hackers may use information gathered from digital communications to authenticate access to secure areas.
  • Password cracking: Weak passwords leave systems open to hackers who can crack them, gaining access to secure areas of the network.

These means of attacking systems remain constant, but once inside, attackers can do much more today with the information in a network than possible in previous years. New technologies also expose novel ways hackers can disrupt universities and other situations.

The Future of Cyber Attacks

Cyber attacks will not happen the same way in the future. Hackers have learned over time to adapt to changes in security methods. Some more pressing problems today faced by IT departments will include hackers using their entry for creating severe disruptions to university operations and affect more than just data.

Cryptojacking hijacks a computer system to use it for cryptocurrency mining, slowing the entire system down while generating money for the attacker. Tracking the issue takes away valuable time from the IT department as it attempts to locate the source of the system slowdown.

Ransomware continues to be a problem for universities that cannot afford to have databases taken hostage and the information lost. Having a backup of the data is the only way of getting it back if the system has a ransomware attack.

State-sponsored hackers reveal a political component to cybercrimes. Universities helping the government develop military technology, such as those in the 2017 Chinese hacker attack, are highly vulnerable to this type of crime. Other nations could use the information stolen from universities to build their military might in the arms race.

Many schools use third-party vendors to create software or webpages. Without knowing the security these vendors put into their systems, higher education institutions risk cyberattacks through these openings. Even third-party financial systems can pose a cybersecurity issue. The restaurant Wendy’s faced this problem when a vendor to more than a thousand of its stores used experienced a data breach.

Though not as crucial today, future cyber attacks could also affect anything connected to the Internet. From cars to computers and medical devices, anything with access to the Internet poses a risk for hackers to take over. Whether a university incorporates such connected devices into its operations will determine the level of risk hacking into those machines poses to the school.

Neutralizing the Threat

Mitigating the threat of cyber attacks requires taking a multi-front approach to the problem. Addressing all the potential areas of breach should form the basis of the prevention tactics. Too many institutions have only reactionary plans in case of an attack rather than methods to prevent the incident from occurring in the first place.

How to prevent problems depends on the type of threat the institution needs to avoid.

To avoid the problems with legacy hardware for highly sensitive information, researchers may only access their data via specific, up-to-date computers that have more secure software built in. Reducing the number of people with access to highly secure networks also can reduce the effects of legacy hardware on the system’s security.

Universities have thousands to millions of points of data for current and former students, staff and faculty. This information could be a goldmine for hackers. To prevent problems with data theft, IT departments must use encryption for sensitive data. If an attack occurs, encrypted data has no use to hackers.

Mitigating the threat of cyberattacks requires taking a multi-front approach to the problem

While universities must allow open access to their networks for students, this availability also will enable hackers inside. Requiring strong passwords and separate networks for students and staff can make the system better protected, as can encrypting the information stored.

Avoiding third-party vendors or thoroughly vetting the ones selected for services will reduce the chances of security hacks through these companies.

While anyone in IT will acknowledge the difficulty of closing all security loopholes for a higher education institution, reducing the chances of a cyber attack is imperative for any IT department. Preparing the network to avoid this situation will help by knowing the likeliest risks and how to prevent them from happening.

Preparation Is Key in Higher Education

Preparing for cyberattacks starts now. We at BlackStratus can help solve the most common security and compliance challenges faced explicitly by higher education institutes. With BlackStratus, we bring you products, such as CYBERShark and LOGStorm, to make your system safer while maintaining compliance with various regulations.

Power. Flexibility. Simplicity. Affordability. We bring you these and more with our cybersecurity solutions at BlackStratus. See how we can help your higher education system prevent cyber attacks.

Contact us today to learn more about our Cybersecurity solutions.

Related Posts

Sources:
  • https://www.insidehighered.com/news/2019/03/06/report-top-universities-us-targeted-chinese-hackers
  • https://www.lamar.edu/it-services-and-support/security/awareness/colleges-and-universities-are-prime-cyberattack-targets.html
  • https://er.educause.edu/articles/2018/1/the-third-times-the-charm-information-security-at-the-top-of-the-list-again
  • https://www.virtru.com/blog/security-challenges/
  • https://www.cyber.nj.gov/threat-analysis/education-sector-an-attractive-target-for-cyber-attacks
  • https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/network-security
  • https://onlinedegrees.sandiego.edu/top-cyber-security-threats/
  • https://www.northjersey.com/story/news/essex/bloomfield/2017/11/06/bloomfield-school-district-website-hacked-isis-video-displayed/838521001/

Don Carfagno

Strategic executive management and delivery responsibilities of BlackStratus MSP product line offerings of SIEM and Logging for direct, SOC-as-a-Service and channels. Operations professional with 20 years of security management experience. I place a high premium on cost reduction and containment for all aspects of a business. With many years of experience supporting software sales organizations I am uniquely trained to develop and coach cross functional teams. My main area of interest, what makes me want to come to work, is company building and creating successful teams. I enjoy to creating and championing the successful attitude throughout an organization.

LinkedIn Google+