Understanding The Cyber Threats to Universities

The press is constantly flooded with reports of high-profile cyber attacks devastating financial institutions, billion-dollar businesses, and retail giants. But perhaps surprisingly, the education sector reports a higher number of malware incidents than any of these industries. At the time of writing, educational organizations have reported 6.5 million malware attempts in the past 30 days, while retail, the second most affected industry, reported just over 660,000. Supporting an academic environment that prioritizes free and easily-shared information means higher education institutions cannot lock down their systems entirely to defend against attacks. But with ransomware such as PYSA now specifically engineered to exfiltrate data from higher education institutions, universities need to strengthen their cyber posture if they’re to ensure the welfare and retain the trust of their students and staff.

The risk of legacy systems

Colleges and universities hold a huge volume of sensitive data on their students, including Personally Identifiable Information (PII) such as financial data, medical records, and Social Security Numbers. Beyond PII, attackers are also drawn to intellectual property from research carried out on campus, which, if stolen or compromised, has the potential to cause significant financial losses, as well as damage the institution’s reputation and impact student safety.

As one of the first industries to adopt the internet, colleges and universities have long had their vulnerabilities and security systems tested by hackers. And as a result of their early digital adoption, many higher education institutes rely on aging systems that urgently need to be upgraded, making them more vulnerable to “backdoors” that hackers can exploit. The Australian National University serves as an example of this; in 2018 the university had 19 years of personal data stolen by hackers who had been hidden inside their systems for an unknown amount of time. And with each department often having different technological needs and IT structures, universities’ systems lack standardization and central control, increasing the likelihood of gaps and vulnerabilities for hackers to exploit.

A network of untrained users

In 2021, 95% of all successful cyber attacks shared the same cause: human error. Universities are especially vulnerable to the unintentional actions of their end users as the vast majority of them – the student base – are untrained in security practices and more likely to unknowingly admit malware onto their networks through their personal devices and applications. This risk is heightened by sophisticated social engineering attacks like phishing, spear phishing, and spoofing, which are designed to trick unwitting users into giving up their credentials or other information that can be used to breach a system.

Remote learning drives ransomware

After the COVID-19 pandemic forced teaching online in 2020, most universities and colleges have continued to operate a remote or hybrid learning model. The rapid adoption of online learning meant that security teams were not given enough time to scale up existing solutions, bring in new security policies, and invest in new tools. This leaves students and staff far more at risk of being tricked by advanced social engineering tactics and causing larger data breaches when using unsecured home wireless networks.

The impact of remote working on cybersecurity has been particularly evident in ransomware attacks, which have more than doubled within higher education since the beginning of the pandemic. Notably, in 2020, the University of California San Francisco (UCSF) paid a $1.14 million ransom in Bitcoin to recover important research data from their School of Medicine. And ransomware often costs organizations more than just the ransom: during an attack, students, staff, and faculty may be unable to access vital learning resources and financial systems, resulting in bills failing to be issued and students unable to take tests, damaging the institution’s reputation.

How to prevent cyber attacks on higher education

When considering complex attacks such as ransomware or social engineering tactics like phishing, solutions like multi-factor authentication (MFA) and antivirus cannot completely defend your organization. The only way to cost-effectively identify current and potential threats to higher education is by employing a Zero Trust environment that leverages advanced threat intelligence and Shielding of all known threats, powered by Centripetal CleanINTERNET®’s proactive cyber threat intelligence.

CleanINTERNET automatically evaluates and acts on malicious traffic in real time, drawing from more than 3,500 global threat feeds to alleviate the burden of threat hunting from your internal cybersecurity team and minimize human error. By employing a Zero Trust environment, CleanINTERNET shields your organization from 99% of threats known and mapped by the global threat intelligence community, immediately and at scale. This means that your business benefits both financially, as you save millions on separate threat feeds, and reputationally, with students, teaching staff, and their data kept safe from cyber attacks.

Get in touch with the Centripetal Sales team to chat about cyber threat intelligence for higher education and browse our other vertical-specific blogs here.

