Blog

In the “good old days”, the biggest hazards facing higher education institutions were those ever-present trio of: dwindling enrollment, lack of alumni support and government funding cuts. However, for today’s school executives and administrators, thwarting these familiar risks is a proverbial walk in the park compared the latest threat: network security breaches.

Indeed, since 2015, the University of Virginia, Pennsylvania State University, the University of Connecticut, Washington State University, Rutgers University, the University of Central Florida, Johns Hopkins University, Greenwich University, the University of Regina, and the University of Calgary have been targeted by cyber criminals — and this is just a brief snapshot. A full list of victims would be so long and comprehensive, that it would resemble a global contact database for higher education organizations.

Why Cyber Criminals are Specializing in Higher Ed Hacks

What’s motivating cyber criminals to put higher education in their crosshairs? Is this a political statement? Personal vendetta? Social criticism? No: cyber criminals are attacking universities and colleges because these bastions of knowledge and beacons of learning also happen to be the perfect targets. There are five reasons for this dubious distinction:

1. Universities and colleges have valuable data on everything from students’ application information to professors’ patent details – and cyber criminals want to get their hands on it, either so they can carry out ID theft or sell their wares to the highest bidder. They know that in the digital age, gold and diamonds aren’t found in mines; they are found on servers and endpoints.
2. Universities and colleges are more open when it comes to information access and sharing. The trade-off for this transparency and flexibility is greater vulnerability compared to corporations, which can tighten the security screws without compromising their mandate or generating disapproval. In fact, corporations are often applauded for locking data down, whereas the same practices in higher education would be met with major criticism.
3. Universities and colleges are somewhat like federations: they share the same flag and sing the same anthem, but on the ground, they are a group of different schools, faculties and departments that peacefully co-exist due a mixture of shared history and enlightened self-interest. While this works politically and administratively, it leads to a patchwork of various InfoSec policies and procedures – which opens up gaps that cyber criminals identify and exploit with alarming ease. Add the fact that the end user population is constantly changing and there can be more personal devices on the network than school-owned, and it becomes even clearer why cyber criminals are gearing up their attacks.
4. While universities and colleges have IT departments and employ security teams, resources are limited. What’s more, it is not uncommon for schools to have numerous third party programs and apps running on servers and endpoints in various campus buildings. Any of these can be doorways through which zero-day exploits inject malware and viruses onto the network.
5. Cyber criminals know that universities and colleges cannot afford to endure a prolonged breach – because their operations will come to a grinding halt, and their reputations will take a major hit. As such, they are increasingly leaning on ransomware attacks that frames the scenario as a cold, bottom-line transaction: pay a specific amount by a certain date and the problem goes away; but fail to do so and things get much worse. Not surprisingly, victims – like Canada’s University of Calgary — are agreeing to fork over the demanded bitcoin. While this reaction is understandable, it is nevertheless encouraging cyber criminals to hit the repeat button and move onto the next academic victim on their list.

The Solution?  An Adaptive Approach

Since universities and colleges contain so many internal departments, faculties and types of users, no single security solution can provide a total answer. As such, IT departments need to implement a variety of solutions based on the level of risk, and the needs of end users. Specifically:

For students, it may be enough to provide basic endpoint protection along with email and web filtering.
For faculty departments, it is wise to add robust network security and advanced access control.
In university offices where student data is stored or departments where sensitive research is performed, encryption should be implemented along with more significant steps to prevent hackers from penetrating through user endpoints.
To lock out attackers – but without preventing staff from freely accessing information when they are outside the network – using virtual containers is critical, as explained below.

Think Inside the Virtual Container

Students are regularly reminded to “think outside the box” – which is good advice when trying to find creative solutions to difficult problems, like disease, pollution, the economy, and so on. However, when it comes to keeping cyber criminals at bay, the best advice that universities and colleges can follow is to “think inside the virtual container.”

A virtual container is lightweight, yet potent security solution that deploys on endpoints. It creates an isolated environment in which internet-facing apps (e.g. web browers, email, Skype, removable storage, FTP, etc.) can run unhindered, to ensure that they not masking a malicious payload. If deemed safe, then files and other data can be transferred from the virtual container to the endpoint or the network as necessary. If deemed unsafe, then the virtual container can be wiped clean and the risk is eliminated.

The bottom line? With a virtual container, instead of working their way towards a PhD in attacking higher education targets, cyber criminals get their submissions back with a big red “F”!