•  Abundance  of  sensitive  information:  The  size  of  higher  education  institutions  makes  them
                   prime targets for hackers looking  to cash in on stealing and selling sensitive  data. Student and
                   employee  Social  Security  numbers,  bank  accounts  and  other private  information  motivate  bad
                   actors to infiltrate systems using various attack patterns.
               •  Valuable research data: Many universities pride themselves in having the best and most brilliant
                   minds working  on valuable  research projects  and groundbreaking  technologies.  Cybercriminals
                   look for opportunities wherever possible. They know intellectual property can be worth millions if
                   sold to the highest bidder.
               •  Lack  of  cyber  preparedness:  Many  higher-ed  institutions  prioritize  improving  facilities  and
                   education  standards  over  other  factors  like  cybersecurity.  Organizations’  complacency  and
                   feelings of false security make them prime targets for bad actors.



            How Vulnerable Are Universities and Colleges to Data Breaches?

            In  2023,  the  University  of  Michigan  had  to  shut  down  systems  and  IT  services  after  a  cybersecurity
            incident  occurred just before the start of a new academic year.  The university has over 30,000  faculty
            and administrative staff and 51,000 students. Some common cyberthreats plaguing higher-ed institutions
            are SQL injections, phishing and ransomware attacks.

            Cybercriminals are scaling their attacks to expose vulnerabilities in higher-ed institutions. They won’t stop
            there. Here are several reasons why schools are more vulnerable to cyberattacks:

               •  Lack of funding: Many colleges and universities fail to prepare for imminent attacks due to a lack
                   of funding for critical cybersecurity systems. As a result, these institutions are forced to pay steep
                   ransoms that only encourage hackers to launch more attacks in the future.
               •  Outdated  systems:  Higher-ed  institutions  prioritize  large-scale  adoption  without  proper
                   preparation  for  associated  risks as online  learning  becomes  more prevalent.  Many  universities
                   still use old and outdated systems that are more vulnerable to high-tech cyberthreats.
               •  Cybersecurity  labor shortage: According  to a 2022 study, over 700,000 unfilled cybersecurity
                   roles  exist  in  the  U.S.  alone.  The  lack  of  qualified  professionals  headlining  cybersecurity
                   departments in higher-ed institutions leads to more vulnerabilities due to lax security standards.



            Strategies to Strengthen Cybersecurity in Higher Education

            In the U.K., 92% of higher education institutions were affected by cybersecurity compromises in 2022 —
            significantly higher than the 39% average rate for all businesses. While attacks keep mounting, only 13%
            of global  industries  will protect  their  data  in 2023.  It’s time  to start  proactively  changing  cybersecurity
            awareness by adopting a security mindset.

            Here’s how universities and colleges can adopt a cybersecurity stance and bolster their defenses against
            bad actors.






            Cyber Defense eMagazine – January 2024 Edition                                                                                                                                                                                                          175
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.