Cybercriminals are taking advantage of vulnerable education systems
Terry Greer-King, vice-president of EMEA at SonicWall, believes universities must do more to protect the valuable data they hold
It’s an unfortunate fact that every establishment with a network connection is vulnerable to security attacks and the gaze of cybercriminals. One particular space which is open to the latest threats, but may lack the necessary tools to tackle it, is the education system.
Students today use a wide range of technology as part of their studies and can be connected to a multitude of devices at any one time, including laptops, mobile phones, tablets and other connected devices, all of which use public WiFi networks on campus or in their accommodation.
At any point in the day, students can be researching, working on group projects and sharing vast amounts of data. They demand easy access to online portals and don’t want to be slowed down by inefficient, time-consuming security controls that require two-factor authentication or password reset operations. For students, connectivity to vital services must be seamless.
On and off-campus
A potential solution is to issue every student a laptop with inbuilt security that blocks harmful content and dangerous web pages. However, this would be expensive and near impossible to maintain as most students don’t rely on just a laptop – their working day is generally split between their laptops, tablets, library computers and mobile phones.
As a result, education networks are far from airtight. If they were, students wouldn’t be able to access information from wherever they log in. Education institutes simply don’t have the same level of security protection as corporate businesses. They provide very different services for very different groups of people, and budgetary restraints can cause issues when it comes to maintaining security.
You might also like: The cybercriminals are after your data!
Phishing for PII
This gap leaves education systems open to attacks, and cybercriminals will take any opportunity to steal valuable information from vulnerable targets through phishing scams, ransomware and email fraud. Such attacks allow cybercriminals to inject malicious code into a computer and gain access to the wider network. From there they have access to personally identifiable information (PII), personal health information (PHI), financial data on students and staff, and private information like subscriptions, bookings and orders that lead back to bank accounts. Students and staff are great targets for other nation-states looking to spy on countries for valuable intellectual property which must not fall into the wrong hands. With phishing kits so readily available online at low cost, even students looking to take down the network for their own enjoyment can take advantage of vulnerabilities.
Today’s education institutions can easily be targeted with fictitious URLs and malicious attachments, particularly with thousands of emails being sent back and forth each day. This is only made worse when people don’t stay on top of the recommended software and security updates for their devices.
A high degree of security
Next-gen firewall systems exist to deliver proven, scalable protection for millions of connections from the latest threats with no impact on performance. All this security is available and backed up through the cloud, on top of being easily accessible and transparent.
Ultimately, universities must step up to their obligations and take decisive steps to protect the valuable information they hold. Only the right technology can help them tackle such challenges, and decision-makers within university IT departments should look for a solution that offers blanket protection without sacrificing accessibility. More than anything, universities still have lessons to learn on the topic of cybersecurity.