UNIwise

The bigger they are, the harder they fall: preventing cyberattacks in higher education 

October is Cybersecurity Awareness Month! This blog post discusses the threats that cyberattacks pose to the higher-education sector, as well as giving some tips and advice for institutions to help protect themselves from ransomware, malware and more.

We live in a digital age, with an ever-increasing number of people, businesses and institutions operating within their own complex digital infrastructures. The higher-education sector is no different – universities are large-scale companies that process huge amounts of highly sensitive data. This, however, makes them the ideal target for cyberattacks, such as ransomware and malware. 

Cyberattacks have been prevalent across the EU in 2023. According to a UK Government survey, 50% of universities reported experiencing breaches or attacks at least weekly, with 75% reporting they were negatively impacted regardless of whether there was a material outcome or not. And these are mostly just smaller-scale attacks. Jisc identified 19 major ransomware attacks during 2022 and nine in the first half of 2023, impacting universities’ ability to undertake core activities, such as teaching. 

With cyberattacks on the rise across the sector, it is important to understand why hackers with malicious intent are targeting universities so frequently, and what dangers they pose to higher education. 

According to a recent report from Universities UK (UUK), titled ‘Cyber Security and Universities,’ the motivation of attackers falls into four main categories:  

  • Attackers intending to directly extort a payment through ransomware or other methods 

  • Attackers intending to steal research data  

  • Attackers intending to use a university’s digital infrastructure to monetise assets, i.e., through bitcoin mining 

  • Attackers intending to disrupt and destroy 

If any of these forms of attack prove successful, the potential impacts go beyond simply monetary losses for an institution. Students could find that their submissions, such as coursework, have been lost or stolen, and their personal data – alongside that of staff – could be traded or sold online.

Cyberattacks, on a large and coordinated scale, can go so far as to bring institutions to a complete standstill. This can mean that communications and financial transactions end up completely suspended – which can happen during exam season or student enrolment. Cyberattacks have the capacity to bring a university to its knees. So, what can institutions do to protect themselves? The UUK report suggests there are four main methods HE institutions can use to protect themselves from attacks:

  • Governance – approaches to cybersecurity should be carried out on a corporate level, and clear lines of data assessment should be established from the top down to ensure transparency and organisation. 

  • Assurance – a baseline of cyber safety needs to be established, and institutions need to routinely test their compliance with this baseline.

  • Technology – advanced technological security needs to be considered as a part of everyday university operations. This applies to a broad range of systems and includes making sure that any built-in protection already in place is turned on and routinely checked. 

  • Culture – staff and students need to be aware of cybersecurity and the prevalence of cyberattacks through regular updates, encouragement and transparency. Checks and balances against cyberattacks should be understood as important and necessary, and not appear to be simply an inconvenience. 

Keeping a strong focus on these four areas can help to protect an institution from cyberattacks and mitigate the potential impacts should one occur.  

There are further ways for an institution to develop a more robust cybersecurity system – one of which is through the use of a digital assessment platform. WISEflow offers a multitude of services to users that can help to protect against dangers, such as malware.  

Without proper end-point protection, students’ computers and uploaded papers can be infected by malware. If an external assessor downloads an infected file, this could cause a serious security incident. UNIwise has therefore developed a malware scanning service for WISEflow to help prevent this from happening. 

Submitted files can be scanned and quarantined, as well as flagged for other users, in order to mitigate the potential impact the malware could have on the participant and institution. The necessary students and managers are then notified, thereby protecting everyone else using the flow, and allowing the relevant bodies to work on resolving the situation. This is offered as an integration within an institution’s own cybersecurity service, to work in tandem with the WISEflow API. 

The challenge of effectively managing student identities and access privileges has also become a focal point for educational institutions in recent years. To help with this, WISEflow offers customers the chance to use Federated Identity Services like eduGAIN, WAYF and ID-porten. 

For universities, the yearly influx of new students makes user provisioning – typically involving creating, updating, and deleting user accounts – an ongoing challenge. Federated Identity Services solve this by linking and using multiple identity management systems cohesively. When a student is first granted an IT account, this can now be used for internal and external IT systems, making the process more efficient. This also helps to avoid manual provisioning, which can be error-prone and resource-intensive. Automated systems also reduce the risk of human errors, such as duplicate accounts or missing permissions, ensuring that students have full access from day one.

This, in turn, improves cybersecurity. De-provisioning users that no longer require access ensures that only current students and staff can access the system, reducing potential security risks. Federated identity also enhances security by centralising identity management, so that institutions can implement robust security measures, like multi-factor authentication, across all integrated systems.

Cyberattacks are on the rise, so understanding the potential threats and having an awareness of preventative measures has never been so important. If you’re interested in learning more about WISEflow and how it can help to improve your institution’s cybersecurity, get in touch at hello@uniwise.eu