Is the education sector becoming a prime target for cybercrime?
Since August 2020, the National Cyber Security Council has been investigating a spike in the number of cyber attacks affecting education establishments across the UK. Due to the COVID-19 pandemic there has been a particular rise in the number of ransomware attacks, which have had devastating consequences for several major universities.
With an increased focus on the threat posed to the education sector, our upcoming webinar, ‘Education secured: helping you address security challenges in education’, will provide insights into the five critical actions institutions ought to be taking to protect themselves and their students.
Nowcomm’s Chief Technology Officer, James Baly, and Head of Services, Kevin Prone, will be joined by industry experts Perry Timms and Ben Fairburn, to discuss the best ways to protect your operations and minimise the risk of getting hacked.
Ahead of the webinar, here we look at why education establishments are becoming increasingly attractive targets for cyber criminals
The rise of ransomware
Universities are being targeted by hackers who are in search of intellectual property or simply looking to make some easy money. More often than not their method of choice is ransomware as it can have a crippling impact on an institution and requires a significant amount of recovery time to re-enable critical networks.
In May 2020 at least ten universities across the UK fell victim to a ransomware attack where cyber criminals targeted Blackbaud, one of the world’s leading providers of education administration, fundraising and financial management software. The attack accessed the data of current and former students, as well as staff, and asked them to make financial donations to the institution they were affiliated to. Of course, none of this money was going to the universities, it was going straight to those behind the breach.
What are the main risks?
Each university is made up of thousands of students and staff who are likely to be connecting multiple unsecured devices, such as smartphones and laptops, to the network to access and save data. This poses a particular risk as the vast majority of those using the network will have limited cybersecurity training and hackers will see them as an easy target. Research suggests that human error was the cause of 35% of breaches within the education sector in 2019, mainly due to phishing attacks that people thought were coming from a trusted source.
It’s clear that hackers are starting to exploit this lack of knowledge as it was revealed the Open University was targeted with over one million malicious email attacks between January and September 2020. Throughout this nine-month period the Open University was experiencing an average of over 132,000 attacks and spam messages each month. It continues the trend of cyber criminals looking exploit online learning where the threat of a breach is now three times greater than it was in 2019.
However, not every breach is due to human error. Another major risk for education institutions can be malicious or mischievous attacks from insiders, such as unhappy staff or disgruntled students. This presents a further problem for internal security teams as it means data needs to be protected from threats both inside and outside the network.
What are the challenges for universities?
The features that help universities thrive also pose the greatest threat where cyber security is concerned. Potentially thousands of devices are connecting to the same network at any given time and this provides a multitude of attack points for hackers. Add to that the migration of millions of students and staff to learning and working from home due to the COVID-19 pandemic and the potential for a breach increases tenfold. As institutions rush to scale up their cloud services and configure networks due to demand, security can always fall further down the list of priorities.
To learn how more about why education is a prime target for cybercrime, and how you can reduce your institution’s risk and exposure to it, please sign-up for our upcoming webinar. Our team of experts will arm you with five key actions to help you stay secure and protect your establishment.
To guarantee your place please register your details here.