DEV Community

Cover image for Universities under attack

Posted on

Universities under attack

In 2020, we've tremendous changes in our daily lives. Now, we study and work remotely, and that has a massive impact on IT and cybersecurity. While the number of cyberattacks has tripled, our approach to security remains the same.

In July and August alone, the number of weekly attacks on educational organizations in the US increased by 30% (608 total incidents). The average number of weekly attacks on the European academic institutions in the same period rose by 24% (to 793 incidents). Most of these attacks were aimed at information disclosure. This is a threatening trend, and the new wave of the pandemic and another shift to distance learning can only make it worse.

Why are schools so attractive to hackers?

Colleges and universities are a mother lode for cybercriminals because they store tons of personal data. Higher education institutions collect social security numbers, passport details, scholarship data, and a host of other personal information, all of which is precisely what hackers need. With stolen personal data, they can organize successful phishing campaigns.

Besides, universities own intellectual property, including research data and exclusive access to thousands of publications university libraries have. Some of this information could be sold to an interested third party and damage the victim institution.

The attacks can also be aimed at hijacking university email accounts. The point is that virtually every email system today employs some form of anti-spam filters. They analyze incoming mail and decide whether a letter should be delivered to the recipient. Many rules help identify potential spam, and some parameters are pretty straightforward. For example, it turns out that letters coming from .edu addresses are usually deemed trustworthy and are less likely to end up in the spam folder. So, valid .edu email accounts are very suitable for phishing attacks and can be used to deliver malicious attachments or links with a high success rate.

How do attackers break into a school's system?

Educational institutions are relatively easy targets because they often do not maintain cybersecurity properly. Most students use their own laptops, tablets, and phones, which is a considerable threat. Incorrectly configured systems, simple passwords, and absent precautions could lead to inadvertent disclosure of confidential information.

Phishing attacks are still widespread. In August 2018, over 300 fake university websites were discovered in 14 countries. Malicious emails redirect victims redirected to fake websites with login pages designed to steal user credentials. Once they are entered, the victim is redirected to the legitimate university website.

Ransomware is another major threat for universities and colleges. It encrypts data and threatens to disclose or destroy it unless a ransom is paid. For example, in August 2020, the University of Utah was attacked by the NetWalker ransomware. The attackers encrypted the data and threatened to publish student details online, prompting the university to pay a ransom of $ 457,000. The University of California, San Francisco, has also fallen victim to NetWalker. The university decided to pay $1.14 million to recover decrypted files.

Could students be a threat?

Sometimes students become attackers. They move freely across campus, which makes it hard to track down the source of an attack. As was shown by a security audit of 400 British schools, the students were responsible for 20% of the incidents.

What usually motivates students to attack the school's systems is their desire to change their grades or exam results. Such cases are quite common. For example, it happened in the Winston Churchill High School in Maryland. A student of Tesoro High School, California, was put on trial for fixing grades. Two students of Haddonfield Memorial High School in New Jersey were charged for breaking into the school's system's secured areas. They used a keylogger to get the necessary passwords. Finally, an expelled student of the University of Greenwich went as far as hacking the university website to ask the management to take him back.

How can universities protect themselves?

Higher education institutions continue to be an attractive target for cybercriminals, especially with the spread of distance learning. Colleges and universities must adopt stronger strategies to ward off attacks and protect their data.

Education and training are useful to minimize the risk of cyber incidents. It is critical to have robust security measures in place and maintain the cybersecurity awareness of the staff. There are so many courses to fit any demand. Yet, boring lectures, outdated textbooks, and complex tasks do not give the expected results. On the opposite, gamified cybersecurity courses can effectively help schools change their security practices and ensure their systems and data are safe.

Top comments (0)