Stealing research may be primary aim.
In the US, cyberattacks on colleges and universities have seen a noticeable increase in the past year or so, and with the abundance of data the schools store on their students, it’s not hard to see why. Across the K-12 public school spectrum and then higher learning, each school represents hundreds, thousands, or even tens of thousands of “blank slate” identities that can be sold or used.
But a new report from the Times found that hackers are attacking UK universities with a much bigger goal in mind: proprietary research information.
Universities have long been not just focused on educating new generations, but also on conducting research in every field, much of it groundbreaking and innovative. Why bother setting up your own lab and wasting years of your life in research and development when you can break into a woefully undersecured network and pluck out all the research data you want?
How serious is the issue? A report from the BBC stated that the Times’ requests under Freedom of Information found that some UK universities were being hit by as many as 1,000 cyberattacks per month. Commonly used methods include tactics like ransomware, phishing, and DDoS attacks.
But this should come as no surprise; the very nature of educational institutions makes them such prime targets: they have limited budget resources to invest in top-notch security protocols, they have thousands of faculty and students all using the same network (and therefore giving hackers a way in), and yet they house some of the most valuable information in the world. The only real surprise is that hackers haven’t set their sights on universities long before now.
Tech and training
The only solution seems to be stepping up the security game, which is actually equal parts stronger tech protocols and better employee training. Ongoing, comprehensive education on the latest threats and methods of attack can greatly minimize the risk of a data breach.