Cyberattacks on Colleges and Universities
Cyberattacks on colleges and universities are commonly levied by criminals aiming to steal their research or student information. Cyber criminals will often use phishing, spear phishing, and hardware or software vulnerabilities to launch assaults on their networks and information.
Cyberattacks on universities are also common because attackers can use a university’s powerful computers to execute the attack if they are able to gain access to some of its resources.
Reasons Why Colleges and Universities Are Cyberattack Favorites
Financial Opportunities
Cybersecurity in higher ed is particularly important because cyber criminals are often drawn by enticing financial opportunities. Some of these include:
- Ransomware attacks that enable them to demand a ransom
- Cyber extortion where they can blackmail users into paying money
- Stealing student information and selling it on the dark web
Financial gain is a primary driver for cyberattacks in the education sector.
Wealth of Personally Identifiable Information (PII)
Because student records are filled with sensitive PII, cyber criminals often target university databases. If they are able to penetrate the network, they can steal then use or sell the information to another criminal seeking to defraud people.
Valuable, Confidential Research
Universities spend millions each year in the discovery and investigation of cutting-edge concepts. Therefore, cyber criminals target them knowing a successful incursion could yield a treasure trove of information.
Open Access
In an attempt to keep students, alumni, faculty, and staff connected, many colleges and universities try to maintain relatively open access. This can make them attractive targets for cyber criminals seeking to exploit weak defenses.
Remote Operations
Remote operations and access privileges expand the attack surface significantly. Those who need to gain access to the network may do so using insecure public networks or home networks with lax protections.
Outdated Systems
Older systems may function well and support key elements of a university’s infrastructure, but they are also prone to security vulnerabilities. The longer a system has been around, the more time cyber criminals have had to find ways to crack it. This leaves many institutions vulnerable.
Large Untrained Network User Base
From students to faculty to support staff, the user base of a college or university’s network is huge. Many of them are unaware of the vast number of cybersecurity threats and attack vectors, leaving the institution exposed to breaches. Also, uninformed users are more likely to fall for attacks such as phishing, spear phishing, or spoofing—all of which hinge on a lack of understanding regarding legitimate vs. fake messages and sites.
Types of Cyberattacks That Colleges and Universities Are Most Likely To Face
Ransomware Attack
A ransomware attack is one in which the attacker takes control of the user’s computer, locking them out until the hacker receives a payment. The value of the information and digital systems make universities a high-priority target for ransomware attacks.
Hacking
Hacking is when someone gains unauthorized access to a computer or system, and hackers like to take advantage of the sometimes weak security protocols of higher education institutions. It is important for a university to guard against hackers to remain in compliance with the Family Educational Rights and Privacy Act (FERPA), which protects the privacy of students’ records.
A recent case study reveals how strategically positioning FortiGate next-generation firewalls (NGFWs) can protect an institution's network at the edge, in the data center, and in the cloud. Hillsborough Community College adopted a bring-your-own-device (BYOD) policy that greatly increased the size of its attack surface. They chose to use FortiGate NGFWs to protect multiple segments of their network, as well as keep students and staff in separate wireless domains. In this way, they were able to maintain a lean IT staff while preventing harmful hacking.
Taking steps like Hillsborough Community College has against hackers is necessary. This is especially true in light of an attack on the University of Michigan. Hackers were able to gain access to the university's social media platforms, resulting in an expensive, time-consuming breach.
Phishing
Phishing involves sending communications, typically through email, that trick a victim into giving away sensitive information. The attack surface of a college or university includes all students, faculty, and staff that have email accounts, necessitating a need for vigilance around phishing.
Spear Phishing
In a spear-phishing attack, the attacker seeks to target specific victims to steal information or install malware on their systems. Higher education cybersecurity therefore needs to involve educating users who may be particularly vulnerable to spear phishing. These would include professors, department heads, and anyone with access to student records.
Spoofing
Spoofing involves a person or a program appearing to be legitimate when it is really trying to steal data or infiltrate a system. A university or college is susceptible to spoofing attacks by virtue of its large and often uninformed user community.
Impact of Cyberattacks on Colleges and Universities
The risk posed by cyberattacks falls into three categories.
Financial Loss
Institutions can experience significant financial loss due to ransomware attacks, students choosing to enroll in other schools that have better cybersecurity, and fewer donations from alumni.
Reputation Damage
A college or university that has a successful attack publicized in the media may look vulnerable and weak. This hurts its standing with alumni, board members, the general public, and most significantly, current and potential students.
Operational Issues
A cybersecurity breach can impact remote learning for students, the financial transactions performed by bursars, vendors, and students, the grade management system, and other key elements of the institution’s infrastructure.
How Can Colleges and Universities Defend Against Cyberattacks?
Regular Monitoring and Early Detection
By regularly checking the health of a system, as well as incorporating an early detection solution, you can spot attacks early in their life cycle. This can prevent extensive damage or thwart the attack altogether.
Establish a Formal Security Policy
A formal security policy helps get all stakeholders on board and attaches specific action steps to security objectives. Also, a formal security policy helps encourage more enthusiastic buy-in from stakeholders.
Education and Training
When students and faculty are trained to recognize, avoid, and mitigate the effects of attacks, the entire institution is safer, as is its reputation and income stream.
Recent Cyberattacks on Colleges and Universities
In 2020 alone, there were over a dozen high-profile cyberattacks on colleges and universities. These include breaches at:
- Richmond Community Schools in Michigan
- Gadsden Independent School District in Las Cruces, New Mexico
- Michigan State University (twice)
- Columbia College in Chicago
- University of California, San Francisco (twice)
- The entire California State University system
- Lenoir-Rhyne University, a private school in Hickory, North Carolina
- University of Notre Dame
- University of South Dakota
- University of Central Arkansas
- Wake Technical Community College in Raleigh, North Carolina
How Fortinet Can Help Avoid Cyberattacks on Colleges and Universities
Fortinet has years of experience protecting colleges and universities from cyberattacks. With FortiOS 7.0, a college or university gets a security-focused operating system that bolsters both your cyber protections and the functioning of your network. Students and faculty can safely access your institution’s services from all over the globe, thanks to FortiSASE. This provides cloud-based Security-as-a-Service (SECaaS) to protect the diverse and broad networks of universities and colleges.