It might look like large organisations are the only ones being targeted by cyber criminals. The rapid move to operating remotely due to the nationwide lockdown meant that universities like other institutions had to quickly come up with alternative methods to continue their students’ education. This often included moving services to the cloud to form a hybrid infrastructure service and utilising software-as-a-service products such as Microsoft 365 and Dropbox.
Previously, faculty and students would have predominantly accessed the network via campus and/or managed devices and would have been protected by the university’s many layers of security. The network and users would have been protected by a robust firewall as the first line of defence. This includes services such as DDoS mitigations, malware blockers and content filtering. So, whilst on campus, the chances of malware getting on to a device were low.
Top 5 cybersecurity facing Universities in 2021
COVID-19-specific research has put some universities more prominently on the radar. However, the increased vulnerability can also be attributed to the technological advancement we’ve seen in recent years. Bring-your-own-device (BYOD) is becoming more common and relied upon by students. With many having spent the last year working from personal devices, this trend will only become more common. Students, teachers and other personnel bring an average of three devices per person to campus. They connect them to the WiFi, opening the entire network up to vulnerabilities.
Intellectual Property Theft
A major threat to the public sector in 2021 is Intellectual Property theft. This is because, as we move toward increased digitization and the storing of more valuable data online, the sector is becoming a more attractive target. Public sector organisations often lack visibility, data control, access auditing and compliance reporting throughout their networks and this needs to be tackled.
Phishing continues to dominate, particularly as remote working continues. As this trend continues so too does your lack of visibility over your employees. Thus, providing more opportunities and points of entry for cybercriminals to access systems, data and information.
Internet of Things (loT) Attacks
The rise in the development of the Internet of Things (IoT) means university resources such as lab equipment, machinery and printers are increasingly being connected to the internet. This makes them a potential door for a threat actor. In 2017, threat actors acquired data from a North American casino by using a fish tank (Washington Post). The tank was connected to the internet via smart sensors that regulated the environment of the tank. This created another entry point to the casino’s network, where threat actors were able to enter and move to other areas where data was stored. So, even a seemingly ‘simple’ object can be used as an opportunity.
Digital transformation has resulted in more data than ever being collected and managed online. This makes the industry a more prominent target for cyber attacks. The process of delivering effective digital transformation and overcoming the related challenges is based on the companies digital strategy, management and how it fits into the company’s overall activities.
At any university, thousands of people are likely to be using personal, often unsecured or unpatched devices such as laptops and smartphones to connect to university networks either direct or via VPN, and using them to access and store university data.