Internal cyber security threats in HE

Andy Butcher, UK Education Sales Specialist at Axians, discusses on-campus security threats, and how universities can create a secure framework

Another year, and another group of eager freshers enter the university. New faces, new devices, and more demands for a modern connected campus. With security at the forefront of everyone’s concerns, it’s not only a question of how do we protect the people on the network, but how do we identify the threats from within?

None of us can avoid the news about the latest cyber-attacks. Critical infrastructure (such as power grids, nuclear facilities etc.) and organisations like the NHS and universities are at the forefront. The threat is very real – data breaches at British universities have doubled in the past two years – and everyone is a target. 

Campus threats

The case for strong cyber security protection is irrefutable. Any cyber-attack or data breach risks not just financial damage, but serious reputational harm to universities. In a competitive environment where reputation is king, and institutions face judgement from students every year, this simply cannot happen.

External threats often identify weak defences in an attempt to steal sensitive information, sell data or find links to other connected networks and businesses. This problem is exacerbated by the fact that, in my experience, the network architecture of most universities hasn’t changed in the last 20 years or so.

Yet it is not just the external threats that universities need to be wary of.  The ‘internal hack’ is becoming more and more prevalent throughout universities – cheating schemes and disgruntled students or employees are just a couple of reasons why there is an impending threat from within. Not only this, but universities now hold a great deal of intellectual property data, which is a valuable commodity for would-be cyber criminals.

Any cyber-attack or data breach risks not just financial damage, but serious reputational harm to universities

Imagine the scenario; an important deadline is approaching, and a student is very behind. Instead of catching up, they take down some of the university’s internal servers so that the online submission portal is out of bounds. Deadline extended.

Many universities face a difficult balancing act of mitigating potential cybercrime battleground without hampering academic freedom. University networks were originally set up to allow academics to share research with each other in an open environment. They have now developed well beyond this point, with the objective of supporting thousands or tens of thousands of students and staff with a multitude of connected devices. Therefore, the campus network also needs to be reliable and resilient enough to support the entire student and staff body, allowing them to access university resources 24/7.

Steps to a virtual and sustainable education service

As more and more of academic life takes place virtually (entire degrees can now be studied online), it is now paramount that this service is uninterrupted and resources are constantly available. A key tool in a cyber criminal’s armoury is the denial-of-service attack, and these can leave a university’s servers out of action for hours or even days. Protection simply must be in place to mitigate this. 

The whole campus is now connected day and night, and the university network is an ecosystem in itself. It only functions if everyone is working together to protect it. Luckily, there are many simple but important steps that should be taken to help ensure cyber-safety, such as encryption and implementing software updates. I am already witnessing how universities across the UK are beginning to look to deeper, more analytical network management strategies to stay protected and always online. 

A sustainable framework for data governance and security, crisis management procedures and IT architecture needs to be established. Without it, the damage is not only to the ecosystem itself, but to a university’s all-important reputation. Given the fierceness of competition in higher education, if a cyber-attack disrupts the running of the university and isn’t identified, either from an external or internal hack, prospective students will simply go elsewhere – and the competition will all-too-happily take advantage.

For more information on Axian’s research, visit