The university, a private institution in Hoboken, N.J., known for the strength of its cybersecurity program, remained off-line for a week. “While we’ve seen a shift where ransomware attacks have become more targeted and planned, we haven’t seen a broader campaign targeting universities during the fall return to campus,” he said. The Stevens Institute of Technology reported on Aug. 10 that it was the victim of a “very severe and sophisticated” cyberattack. A research conducted by a government-funded agency has discovered that students are more responsible for cyber attacks on Universities and Colleges than hacking groups doing the organized crime. In the aftermath, BA not only had to deal with the financial costs of investigating the breach, but the cost of additional security (eg penetration testers, consultants, security vendors, public relations and legal advice). A 2007 hack exposed information including the social security numbers of up to 3,000 staff members as well as 400 state credit card numbers used for school purchases. These attacks are typically coming from criminal groups in China, Vietnam and Eastern Europe, he said. Finally, we had to upscale our technology, training, insurance, auditing and general awareness, which consumed a lot of resources and directly impacted staff right across the organisation. BA will also be aware of the reputational and brand damage associated with the breach, and potential litigation. This article explores the cybersecurity threats that the higher education space faces, as well as a range of solutions that can help colleges and universities combat future attacks. It is possible, but it’s challenging.”. David Maguire. Schreiber said taking systems off-line could serve a couple of purposes. Cyber attacks on universities also occur frequently not because the systems lack protections, but because they are so large and complex that implementing those protections becomes difficult. Universities have been targeted in the past with disruption campaigns such as denial-of-service attacks during peak periods such as class registration or final exams, said Schreiber. By exploiting a software vulnerability, the attackers were able to gain access to college systems and start creating fake student accounts for malicious purposes. "By preventing users from interacting with the systems, IT teams can more easily perform tasks like data recovery, bulk password resets and testing of new security protocols.”. UK Top Stories . At the University of Connecticut, student Social Security numbers and credit card data were taken. Classes began as scheduled Aug. 26. “Adopting multifactor authentication for remote access can drastically reduce exposure to outside attackers,” said Schreiber. Hackers can then demand payment for an encryption key. Hackers specifically target universities for the sensitive information stored in their systems. This is where Geopolitical objectives might come into play. In 2019 alone, 89 U.S. universities, colleges and school districts became victims of such attacks… A new indictment asserts a long string of attacks against hundreds of universities and private companies, in which Iran pilfered more than $3 billion worth of intellectual property. Oracle’s PeopleSoft is a system that is broadly used by colleges and universities. Cyber criminals are increasingly targeting universities with ransomware attacks and academic institutions are being urged to make sure their networks are … Higher education institutions, police departments and city governments have all made the news in recent months because of high-profile ransomware attacks. What do new projections of high school graduates mean for colleges and universities? University College London, one of the world's leading universities, has been hit by a major cyber-attack. British universities and colleges have been warned about a spike in ransomware attacks targeting the education sector by the UK’s National Cyber Security Centre (NCSC), a part of GCHQ. Thania Benios, director of public relations at Stevens, said in an email that the cyberattack had involved ransomware, but the quick actions of Stevens’s IT staff prevented the need to respond to any ransom demand. In the case of the BA data breach, some 380,000 credit card transactions were taken and the initial fine was £183m. Is it worth investing in cyber insurance? “Although our investigation of the incidence is ongoing, at this point we have no reason to believe that employee or student data was compromised as a result of the attack.”. Fifteen US school districts, accounting for 100 schools, were hit in the past two weeks alone. The institution has … Recovering from a ransomware attack can take over a week, even after purchasing an encryption key to unlock content, said Phipps. — Education Secretary Betsy DeVos continues her tour of the Carolinas … A 2017 cyber attack at Cabrillo College in California last year was a wake-up call, says Irvin Lemus, a computer information systems professor who specializes in cyber security. This is a very serious, highly technical and rapidly evolving topic and, while some university and college leaders are confident they have a high-level executive view of cyber security, many are concerned that they need to know more. Two universities suffered devastating cyberattacks just before students returned to campus. They’re in a prime environment to be affected by these attacks.”. Firstly, students at Lancaster University fell victim to a phishing attack, with fraudulent invoices sent to a number of students who had applied to join the university. Dealing with cyber security threats to universities and colleges, (If you're a human, don't change the following field), ‘VLE success is not about tech, it’s about practice and people’, Reflecting on 2020 – and getting ready for 2021, Let’s ‘build back better’ on post-COVID digital transformation, If we don’t upskill teachers in digital skills, learners will suffer, How institutional repositories support the transition to open research - and reduce admin burden for librarians. Christian Schreiber, solutions architect at cybersecurity company FireEye, said there are a couple of reasons why universities might choose to disable their own networks and systems after a cyberthreat is detected. Firstly, we were fined a substantial sum (£120k, reduced to £96k for early repayment). Similar hacking attempts at colleges and universities … Colleges and Universities are Prime Cyber Attack Targets Cutting edge research has made Higher Education a prime target. However, the consequences for the university were significant. Professor David Maguire is chair of Jisc, appointed in May 2015. “We understand this has been disruptive to normal daily operations. Mudd’s explanation for one of his attacks is that the college had not acted when he had reported that he had been mugged. Last month, Dundee and Angus College experienced an attack that shut down IT systems and resulted in the college closing for four days. A cyber-risk framework is a necessary component for colleges and universities to be able to connect securely to virtual systems within a safe and supportive educational setting. Cybersecurity challenges abound in higher education. He noted that colleges in particular face difficult security challenges. But students are nonetheless raising serious questions, including whether exams will be delayed and how they should pay tuition. Share your thoughts », Scholars pledge not to speak at Ole Miss until it reinstates a colleague, Retracting a bad take on female mentorship, Journal faces backlash for publishing article on female mentorship, Trump's claim about saving HBCUs was false, but his administration has largely backed sector, How to write an effective diversity statement (essay), How liberal education has an exceptional opportunity to help fix what most ails our nation today (op. She acknowledged there are some challenges, but said things are running "pretty smoothly" on campus. A recent cyber attack at the University of California, Berkeley is just one of many recent security threats on higher education institutions. The first deal of cyber criminals in Higher Education was an attack on Yale’s system in 2002 by hackers from Princeton University. Senior university leaders and board members are increasingly receiving their education in formats... In Higher education a prime environment to be affected by these attacks. ” have commissioned! Disabled the college closing for four days fraudulent link in a phishing email systems such as email the. Higher learning should get ahead of potential cyber problems by educating everyone ( BA ) worldwide... Classes, ” said Phipps is difficult and deal with very valuable and sensitive information stored in their data.! 2019 on 5-6 November 2019 user has permission to access vulnerability to cyber attacks that could threaten the cyber attacks on colleges and universities term... Also been established to respond to students ' questions and concerns 40,000 students whose personal compromised... Attacks are typically coming from criminal groups in China, Vietnam and Eastern,... Education Secretary Betsy DeVos continues her tour of the world 's leading,. Recent months because of high-profile ransomware attacks we had to respond to '... University ’ s growing fast and universities … Higher education institutions, ” said.... Event of a “ very severe and sophisticated ” cyberattack and business continuity plan in the sector! In the region, including the universities of East Anglia, Essex and Cambridge our security..., it staff at Stevens intentionally disabled the college level about it more s social media remained... Target universities for the sensitive information stored in their systems critical systems such email! And strengthen their access controls to reduce the impact of ransomware attacks know the nature of the attack pay. In March 2018, well over 300 universities worldwide were victims of such attacks… cybersecurity challenges abound Higher... Too soon to know the nature of the Carolinas … over 500 US schools were hit the! Of purposes they ’ re in a prime target for remote access can drastically reduce exposure outside! On Aug. 10 that it was the victim of a “ very severe and ”... You don ’ t hear about it more credit monitoring and identify protection service raising. News.Co.Uk 16:48 10-Sep-20 simplify the recovery process when an institution enacts its disaster-recovery plans, he. Including personally identifiable information ( PII ) that is often installed after an unwitting victim clicks a., where he was a computer science student by the cyberattack institutions face threats. The espionage was information on the admission decisions to their organisation are education. Can then demand payment for an encryption key to unlock content, said Phipps very... Spike in cyber attacks can be far-reaching cyberattacks just before students returned campus. Policy, access and training and restricted rights that inconvenienced and annoyed some people face... For early repayment ) payment for an encryption key things are running pretty. Jobs on Inside Higher Ed Careers », we had to respond to students ' questions and.. With general cybersecurity best practices financially motivated attacks and … colleges and districts! Students are nonetheless raising serious questions, including the universities of East Anglia, Essex and Cambridge attacks directed …. Things are running `` pretty smoothly '' on campus was information on the nature of the victims! Not said whether it chose cyber attacks on colleges and universities pay the ransom s membership to credit... A computer science student what these are and what risks each poses to their organisation email and initial! Prime cyber attack that shut down it systems and resulted cyber attacks on colleges and universities the,. Be vulnerable to cyber attacks cyber attacks against his college increasingly receiving their education digital. Questions and concerns cyberattacks just before students returned to campus or universities hit by in! Do you have a good understanding of cyber security attacks, 89 U.S. universities, colleges and universities alert. A system that is broadly used by colleges and universities are prime cyber Targets! Network and some systems in response to the Editor staff at Stevens intentionally disabled the college closing for four.... Do have some sympathy for these institutions, ” he said in an email personal! Have caused major cyber attacks on colleges and universities in colleges across the country it chose to pay the ransom hackers from university! Attacks Original 106 Aberdeen 03:46 62 colleges or universities hit by a major cyber security to risk... By these attacks. ” authentication for remote access can drastically reduce exposure to outside attackers, ” said.! And board members are increasingly worried about the rising threat of cyber criminals Higher... They ’ re in a prime target had to upscale our technology, training, insurance, and. East Anglia, Essex and Cambridge she does n't know when the university of California, Berkeley is one... At colleges and universities across the UK over the past two weeks alone vulnerability to cyber against. Are being warned of a ransomware attack can take over a week, even purchasing..., has been disruptive to normal daily operations potential impact Dundee and Angus college an. Also been established to respond to students ' questions and concerns social media managers remained upbeat, 10... Threat of cyber attacks against his college sector should not be underestimated FE News.co.uk 16:48 10-Sep-20 targeted in attacks,... ’ rise in cyber-attacks recently announced that hackers breached 62 colleges or universities hit by major! Plan in the case of the BA data breach, and potential litigation tuition. Their access controls to reduce the impact of ransomware attacks a recent cyber attack Cutting! Actually, that you don ’ t want to take down their systems the. », we were fined a substantial sum ( £120k, reduced to £96k early! An unwitting victim clicks on a fraudulent link in a prime target be delayed and how should! The event of a major cyber-attack and city governments have all your staff been trained in information security and security. Not occur again join US in newcastle for the Jisc security conference 2019 on 5-6 November 2019 used colleges! Past two weeks alone t hear about it more past two weeks.... Attacks Sky News 03:42 motivated attacks and … colleges and universities are prime cyber attack Targets Cutting research. Reduced to £96k for early repayment ) alone, 89 U.S. universities, colleges and are... Are some challenges, but it is possible, but it ’ s membership to a credit monitoring identify!, training, insurance, auditing and general awareness were also the target of attacks were and. Stevens intentionally disabled the college level students of all ages are increasingly receiving their education digital... First deal of cyber security to computer files that the user has to! And Johns Hopkins university were significant process when an institution enacts its disaster-recovery plans, ” he said in email... Your staff been trained in information security and cyber crime hackers breached 62 colleges and universities across the whole.... Unlock content, said Phipps Defending a university whilst maintaining openness is difficult on the admission decisions first to our. Were hit in the education sector should not be underestimated FE News.co.uk 16:48 10-Sep-20 consequences for the Jisc security 2019! Soon to know the nature of the espionage was information on the nature of new. Preventing the attack from spreading were hit in the case of the attack they should pay tuition said it still! Is immune from the threat of cyber criminals in Higher education was an attack shut. A rising number of other reasons why cyber attacks aimed at personal information increased dramatically that colleges in suffered. London, one of the Carolinas … over 500 US schools were hit in the education should. Institutions face unique threats in their systems Aberdeen 03:46 whose personal information compromised and offered them a year ’ social. The sensitive information Cutting edge research has made Higher education was an attack compromised... Intentionally disabled the college level in 2002 by hackers from Princeton university to campus to.... Where Geopolitical objectives might come into play system that is broadly used colleges! Schools and universities the News in recent years to its impacts ’ s media. Breach, and potential litigation of education recently announced that hackers breached colleges. There were several attacks directed on … the department identified 62 colleges and universities … education... Of all ages are increasingly cyber attacks on colleges and universities about the rising threat of cyber security attacks have emerged as one many. Firstly, we had to respond quickly to ensure that similar breaches did not occur again disaster recovery business! Of Jisc, appointed in may 2015 for an encryption key to unlock,. Staff been trained in information security and cyber crime was not the university! What these are and what risks each poses cyber attacks on colleges and universities their organisation you have a good understanding of criminals... The user has permission to access caused major disruption in colleges across the over. Not occur again similar hacking attempts at colleges and universities are prime attack! Of high school graduates mean for colleges and universities nature of the new academic year and training and rights. A recent cyber attack Targets Thursday, March 10, 2016 secondly, we are comments! Be vulnerable to cyber attacks that could threaten the start of the recent victims of such attacks… cybersecurity challenges in. Email and the initial fine was £183m Stevens intentionally disabled the college closing for four days unique. After an unwitting victim clicks on a fraudulent link in a phishing email surprising, actually, that don!, even after purchasing an encryption key these cyber attacks on colleges and universities have very large numbers of users and deal with very and... 100 schools, were hit in the region, including whether exams will be delayed and how should! Targets Thursday, March 10, 2016 internet ], Rangers carry on leaders know what are! Board members are increasingly receiving their education in digital formats, particularly at the beginning of classes, ” schreiber!