UNDERSTANDING CYBER THREATS IN HIGHER EDUCATION
We live in a digital age, with an ever-increasing number of people, businesses and institutions operating within their own complex digital infrastructures. The higher-education sector is no different – universities are large-scale companies that process huge amounts of highly sensitive data. This, however, makes them the ideal target for cyberattacks, such as ransomware and malware.
Cyberattacks have been prevalent across the EU in 2023. According to a UK Government survey, 50% of universities reported experiencing breaches or attacks at least weekly, with 75% reporting they were negatively impacted regardless of whether there was a material outcome or not. And these are mostly just smaller-scale attacks. Jisc identified 19 major ransomware attacks during 2022 and nine in the first half of 2023, impacting universities’ ability to undertake core activities, such as teaching.
With cyberattacks on the rise across the sector, it is important to understand why hackers with malicious intent are targeting universities so frequently, and what dangers they pose to higher education.
WHY UNIVERSITIES ARE PRIME TARGETS
According to a recent report from Universities UK (UUK), titled ‘Cyber Security and Universities,’ the motivation of attackers falls into four main categories:
- Attackers intending to directly extort a payment through ransomware or other methods
- Attackers intending to steal research data
- Attackers intending to use a university’s digital infrastructure to monetise assets, i.e., through bitcoin mining
- Attackers intending to disrupt and destroy
If any of these forms of attacks prove successful, the potential impacts go beyond simply monetary losses for an institution. Students could find their submissions, such as coursework, to be lost or stolen, and their personal data – alongside that of staff – could be traded or sold online.
Cyberattacks, on a large and coordinated scale, can go so far as to bring institutions to a complete standstill. This can mean that communications and financial transactions end up completely suspended – which can happen during exam season or student enrolment. Cyberattacks have the capacity to bring a university to its knees.
FOUR PILLARS OF PROTECTION RECOMMENDED BY UUK
So, what can institutions do to protect themselves? The UUK report suggests there are four main methods HE institutions can use to protect themselves from attacks:
- Governance – approaches to cybersecurity should be carried out on a corporate level, and clear lines of data assessment should be established from the top down to ensure transparency and organisation.
- Assurance – a baseline of cyber safety needs to be established, and institutions need to routinely test their compliance with this baseline.
- Technology – advanced technological security needs to be considered as a part of everyday university operations. This applies to a broad range of systems and includes making sure that any built-in protection already in place is turned on and routinely checked.
- Culture – staff and students need to be aware of cybersecurity and the prevalence of cyberattacks through regular updates, encouragement and transparency. Checks and balances against cyberattacks should be understood as important and necessary, and not appear to be simply an inconvenience.
Keeping a strong focus on these four areas can help to protect an institution from cyberattacks and mitigate the potential impacts should one occur. There are further ways for an institution to develop a more robust cybersecurity system – one of which is through the use of a digital assessment platform. WISEflow offers a multitude of services to users that can help to protect against dangers, such as malware.
Without proper end-point protection, students’ computers and uploaded papers can be infected by malware. If an external assessor downloads an infected file, this could cause a serious security incident. UNIwise has therefore developed a malware scanning service for WISEflow to help prevent this from happening.
Submitted files can be scanned and quarantined, as well as flagged for other users, in order to mitigate the potential impact the malware could have on the participant and institution. The necessary students and managers are then notified, thereby protecting everyone else using the flow, and allowing the relevant bodies to work on resolving the situation. This is offered as an integration within an institution’s own cybersecurity service, to work in tandem with the WISEflow API.
IMPROVING IDENTITY AND ACCESS MANAGEMENT IN UNIVERSITIES
For universities, the yearly influx of new students makes user provisioning, typically involving creating, updating, and deleting user accounts, an ongoing challenge. Federated Identity Services solve this by linking and using multiple identity management systems cohesively. When a student is first granted an IT account, this can now be used for internal and external IT systems, making the process more efficient. This also helps to avoid manual provisioning, which can be error-prone and resource-intensive. Automated systems also reduce the risk of human errors, such as duplicate accounts or missing permissions, ensuring that students have full access from day one.
This, in turn, improves cybersecurity. De-provisioning users who no longer require access ensures that only current students and staff can access the system, reducing potential security risks. Centralizing identity management also enhances security, as institutions can implement robust security measures, like multi-factor authentication, across all integrated systems.
Cyberattacks are on the rise, so understanding the potential threats and having an awareness of preventative measures has never been so important. If you’re interested in learning more about WISEflow and how it can help to improve your institution’s cybersecurity, get in touch at hello@uniwise.eu.
FREQUENTLY ASKED QUESTIONS
Thinking about switching to WISEflow? Find answers to the most frequently asked questions about functionality, implementation, and why institutions choose UNIwise.
Universities hold vast amounts of sensitive personal data and valuable research, making them attractive targets for ransomware, data theft, and system misuse. Their large, complex digital infrastructures also provide multiple entry points for attackers.
According to sector reports, common threats include ransomware, malware, data breaches, bitcoin‑mining intrusions, and attacks aimed at system disruption or destruction, all of which can severely impact core university activities.
Cyberattacks may result in stolen coursework, compromised personal data, halted communication systems, and disruption of critical processes such as exams, enrolment, or financial transactions.
Universities should strengthen four key areas:
- Governance: Clear top‑down cybersecurity strategies
- Assurance: Regular compliance testing
- Technology: Strong security tools and updates
- Culture: Building awareness among staff and students
WISEflow can scan uploaded student files, quarantine suspicious content, and flag threats to relevant users. This prevents infected files from reaching staff devices and reduces the risk of system‑wide incidents.
WISEflow supports Federated Identity Services such as eduGAIN, WAYF, and ID‑porten. These allow seamless provisioning and de‑provisioning of student accounts, reducing errors, improving access control, and supporting modern authentication methods like MFA.
Removing access for users who no longer belong to the institution prevents dormant accounts from becoming weak points. Automated identity management ensures that only current students and staff can access critical systems.