In the past two years, higher education institutions in the UK have been key targets for cyberattacks, posing a significant threat to learning standards and scientific data protection. In the past years, high profile attacks on UK universities have put the education industry on high alert.
Cyber attackers are aware of the high volume of online communications that pass between students, professors, university staff, and other on-campus guests and are using social engineering techniques like phishing emails, where the objective is to trick users into sharing sensitive information including log in details, to breach university networks and steal data.
Alternatively, they may use ransomware, a type of malware that accesses a device or corporate network and threatens to publish the victim or organisation’s private data, to block network access until a rescue fee is paid.
To help the country protect against these threats, the UK government has introduced cyber essentials: a framework to help any public or private sector organisation improve their cybersecurity posture. The scheme’s aim is to certify organisations that are well protected and provide them with the necessary assessments to make the most of their cybersecurity investments. With recent attacks providing a stark reminder to universities of the importance of being cyber protected, it’s time the industry takes notice.
Threats of the remote learning era
As a result of the pandemic, remote learning has become commonplace for the first time. Before the health crisis, students, professors, and administrative staff gathered on campus on a day-to-day basis – with relatively few exceptions. But the overnight switch to frequent remote or hybrid learning has brought with it a wider range of cyber threats.
More than ever, an unaccountable number of endpoint devices, such as computers or smartphones connected to a network, are distributed across the country at every university, with thousands of students connected remotely from personal appliances and home wi-fi networks. This decentralised IT infrastructure can open security gaps which present new opportunities for attackers.
As a result, a wave of cybercrime is hitting British educational institutions and criminals are developing sophisticated digital attacks to steal intellectual property. For example, Salford University’s chief information officer Mark Wantling recently revealed his institution’s research data on vaccinations was specifically targeted during the pandemic.
It is therefore crucial that higher education institutions use cyber essentials to develop cybersecurity strategies which secure learning environments and ensure that their intellectual assets are adequately protected – but to do so, there are some significant hurdles to overcome.
Technology challenges associated with remote learning
Due to the nature of new decentralised IT infrastructure, universities may not have comprehensive visibility across all their assets and, as a result, won’t be aware of any devices connected to their network that may be carrying vulnerabilities.
This lack of visibility often leads educational institutions to struggle to apply software patches and identify problematic devices in a timely fashion, making it difficult to reduce IT risks. If attacked, these institutions are unlikely to be able to respond fast enough to prevent harm – a situation that could be easily avoided by implementing comprehensive endpoint security.
By deploying these tools, data can be automatically collected across all endpoints – allowing for laptops to create solution policies and for software updates and patches to be installed as soon as they’re needed. For example, by using Tanium for endpoint visibility and control, Salford University transformed its risk posture and incident response capabilities, reducing its missing software patches by more than 99%: from more than 38,000 to near zero.
However, technology challenges aren’t the only thing holding universities back.
The skills challenge
At the same time, higher education institutions are also battling to retain qualified IT talent due to a lack of funding and resources. IT professionals are frequently offered better conditions in private companies, such as enhanced pay and benefits, often tempting the best talent to jump ship.
For this reason, university IT teams are often under-resourced, overworked and underqualified. As a result, they struggle to manage complex IT ecosystems and need the additional support that implementing endpoint visibility tools can provide to help improve their overall cybersecurity posture.
Meeting cyber essentials
Due to the complexity of the typical university IT network, it is necessary that IT teams begin using security strategies that allow them to adhere to the government’s cyber essentials scheme. This means they need to use tools which can create a real-time inventory of all assets across the institution, scanning the IT estate for threats in real-time.
Cyber attacks provide an ongoing threat to learning and to the safety of intellectual data, whilst remote learning has presented new tech challenges and risks. That’s why education institutions must establish strong control and security management strategies, leveraging the cyber essentials scheme to help guide them on this journey.
Ultimately, a university’s security strategy needs to be laser-focused on protecting two of its most important areas: student learning and research data. To adhere to the cyber essentials checklist and achieve cyber hygiene – a set of practices for ensuring control of critical data and for securing networks – it is essential to implement strong endpoint management strategies. This will ensure universities are well-positioned to prevent cyber attacks for the remainder of 2022 and beyond.
Kirk Bellerby is the director and UK higher education lead at Tanium.