Home › Forums › Why are educational institutions a popular target for cyber criminals, and to what extent do educational institutions increase their vulnerability to cyber attacks by failing to update their software regularly? › Educational data at risk
- March 20, 2020 at 00:58 #6668
It may not seem that Educational Institutes would be an attractive target for theft. A university’s database containing assignments would be considered less valuable compared with that of banks or corporations. So why is it that according to a survey of higher educational institutes, one in three universities face cyber attacks every hour in the UK alone? The allure for criminals to crack the code on Educational Institutes lies on the following key reasons.
While it may seem obvious it’s often overlooked that many educational institutes require fees. Students paying their tuition fees using online portals presents an opportunity for cybercriminals to get hold of card details. Likewise, Education is a constantly changing business, which means that if a criminal held particularly important data for ransom it could prove profitable.
It has been said that oil is no longer the world’s most valuable resource but data. One thing that Universities possess in large quantities is information. This was evident in the 2014 cyber attack on Queen Mary’s University, from the politically motivated group Anonymous, who claimed to have stolen the University’s data for revenge over research sponsored by the ministry of defence.
An Easy Target
A chain is only as strong as its weakest link. In the context of cybersecurity this holds particularly true. While not to say that security professionals in Education are doing less than their corporate counterparts, the nature of their playing field means they have to monitor more closely.The need of their users to explore the internet for research and study purposes while usually unconcerned for network security, makes universities an easy target to a data rich environment.
The assumption that they are a low risk to attack means many institutes rely on a few common protections. Many institutions have different departments competing for resources and their budgets tend to be less focused on security. Without adequate staff to monitor the network being used by many users with multiple devices, simple security solutions can only go so far against an attack.
As technology has progressed it would be assumed that so would our security. Indeed we have come far from the basic defence against cyber worms to fast responsive firewalls against trojans and ransomware, however with more advanced devices, so comes the threat of greater cyber attacks.
Displayed in the 2009, Berkeley university data breach, where over months at least 160,000 medical records were stolen, not maintaining adequate, updated protection gives hackers the opportunity to go a long time unnoticed. This can lead to a greater loss to an educational institute, both financially and in reputation. If past trends are anything to go by, in the coming years of this decade we will see an increase in cyber threats to educational institutes that many are not ready to deal with. Failing to update security leaves holes unpatched and educational institutes vulnerable. By being prepared with up to date protection, institutes can greatly reduce their vulnerability to cyber attacks.
You must be logged in to reply to this topic.