At the intersect between education and technology

Tertiary Cybercrime is a Real Threat

Cybercrime in general has been on the rise in 2017, but universities have been increasingly amongst the targets, with the education sector seeing first-hand the effects of the growing sophistication of hackers and digital criminals.

In July, Newcastle University in the UK fell victim to a phishing scam in the form of a website fraudulently operating using its name and logo. And Canadian based MacEwan University lost 11.8 million thanks to an email scam which phished for the universities financial details by sending emails to staff requesting they update account details with current vendors. Africa too has faced an increase in attacks, with Zimbabwe’s National University of Science and Technology amongst the most recent targets.

But it isn’t only phishing which poses a cyber security risk for universities.

Cyber criminals are also launching hundreds of attacks against the world’s leading institutions every year, attempting to steal university research. The primary areas of interest to digital thieves are medical and engineering records and research. FOI’s obtained by The Times showed that Oxford experienced 515 cases of unauthorized access to accounts in 2016, and the research targeted varied from medical advances to military grade stealth fabrics.

What makes tertiary educational institutions such a common target? It’s thanks in part to the massive staff email servers and intranet which keep universities connected, which provide multiple entry points for a trojan, or phishing scam, to take hold.

And on top of that, there’s also the coming and going of hundreds of laptops, smartphones, tablets, music players and a range of other digital devices carried in and out by students, staff and contractors, every day.

Experts agree that the best way to prevent these sorts of scams is education, the institution as a whole has to learn to back up data and to beware of phishing emails. Ensuring that staff and students at universities understand the need for patch-management and proper cyberhygiene is one of the easiest ways to keep sensitive data and research safe.

But there are other methods available to help protect against cybercrime. An obvious way to help prevent phishing and email scams, is to ensure they have the best SSL certificates available, which offer high-authentication methods to differentiate real websites from fake ones.  

Responsiveness in the moment is also something which universities can struggle with when it comes to dealing with a digital threat. Well-developed incident management plans can assist with controlling losses and mitigating damages.

Monitoring systems that regularly scan and quarantine Malware are just as vital for large, interconnected networks as home networks, if not more so. Universities should be investing in the right protection software if they want to keep their users and data safe.

The unique threats posed to universities from cybercrime are only going to increase as the complexity and cunning of hackers and malware developers continues to increase. Through 2017 and beyond, the question of cyber security should be a major issue on the board of tertiary institution across the globe.

Have an article to contribute to Union? Email us.