A recent spate of attacks have again highlighted that Universities are a prime target for cyber-criminals. Universities across the US as well as in the UK have reported multiple data breaches (some claiming to have been attacked up to 50 times) in the last 6-12 months and there is no sign of these attacks slowing down.
Most of the recent attacks have come through as phishing emails to student or staff accounts with some of the following scenarios:
- Traffic Offences claiming to be from Government departments.
- Emails disguised as fax messages, which install malware when the link is clicked.
- Emails appearing to come from a legitimate University account, asking users to "Verify The Identity of your Account".
- Emails to staff, supposedly from HR, trying to trick them into providing financial details, by promising a pay rise is on the way.
- A scam offering students $300 per week for summer work, where they were asked to provide their date of birth, address and phone number. Once this information was provided, users were sent a fake cheque and told to keep $300 and deposit the rest into another account.
Why are Universities such an attractive target?
There are a number of reasons that make universities attractive to hackers. Below are just a few of them:
- Wealth of Personal Data: University databases are a treasure trove to hackers, they contain all of the gems they desire most. Personal details, such as name, address, phone number and date-of-birth, credit card details, social security numbers, driver's licence details, bank account information and medical records are all provided by students when they enrol to do a course.
Some universities also have research labs on-site, which are often government-funded. The information held by this department could be pioneering scientific research, or even classified technology, which criminals would love to get their hands on.
- Lack of Visibility: Universities don't have a lot of controls around the hardware and software that is used by students and faculty staff. It is much harder to protect schools, than it is to protect businesses, because universities have to allow users to bring their own devices. Also, the transient nature of system users - mainly students with varying schedules, coming and going at all hours, and then moving on after they graduate – makes it extremely difficult to track down the source of any malicious software that might enter the network.
- Endless Access Points: The vast number of network and data access points that make up a universities IT infrastructure is a gold mine for hackers. With so many departments (registrar, health services, student services, financial aid, etc.) collecting personal information, as well as the infinite number of students, staff, contractors and guests who access the network and systems, it is difficult to find a suitable balance between service and security. In addition to diverse departments, many institutions also have satellite locations; the amount of access points that hackers can target is astounding.
- Different IT Policies: Campuses often have their own software and security in line with the preferences of the department. Differing systems, means that often there are challenges with managing the various systems, which in turn can cause delays in installing security patches, slow down the response time to a security breach, and lead to poor network monitoring.
- High Volume of Connected Users: The majority of students spend a good deal of their time online. The amount of network traffic and WiFi usage at any given time, night or day, is astounding, and those busy, high traffic networks, create the perfect hiding place for hackers.
Universities have a huge challenge on their hands when trying to provide a secure network environment while still having a large number of access points. Their limited IT resources are hit with thousands of security alerts every day, and deal with an overwhelming volume of network traffic, all while working to a tight budget. Implementing security automation could be the answer.