Educational institutions worldwide are confronting a significant escalation in cyberattacks, with 77% of schools and universities reporting incidents within the past 12 months, according to a comprehensive new report from cybersecurity firm Netwrix. This figure represents a notable increase from 69% in 2023, highlighting the growing vulnerability of the education sector in the face of increasingly sophisticated cyber threats.
The report, which compiles insights from 1,309 IT and security professionals globally, underscores that educational institutions have become prime targets for cybercriminals due to various factors, including the vast amount of sensitive data they handle and often inadequate cybersecurity infrastructures. Predominant attack vectors identified include phishing, user account compromise, and ransomware, all of which have seen a marked uptick in frequency and sophistication.
Our analysis follows; you can get the full report here.
Educational Institutions as Gateways to Valuable Data
A critical factor contributing to the targeting of educational institutions is their role as repositories and conduits of valuable proprietary information through extensive collaboration with corporate and research partners. Universities and colleges frequently engage in joint research projects with private sector companies, handling sensitive and commercially valuable data that is highly attractive to cybercriminals. One notable example occurred in 2018 when the Department of Justice charged nine Iranians with stealing data from hundreds of universities.
“Educational institutions often act as custodians of significant amounts of proprietary and sensitive research data due to their collaborations with various industries,” explained Dirk Schrader, Vice President of Security Research and Field CISO EMEA at Netwrix. “This makes them lucrative targets for threat actors aiming to steal intellectual property, trade secrets, and other confidential information that can be monetized or exploited for competitive advantage.”
The collaborative nature of academic research necessitates the sharing and storing of sensitive data across multiple platforms and networks, often with varying levels of security. This expansive and interconnected data landscape increases the potential attack surface, providing cybercriminals multiple avenues to infiltrate systems and exfiltrate valuable information from educational institutions and their corporate partners.
Resource Constraints and Complex IT Environments Amplify Risks
Many educational institutions’ often limited resources and outdated cybersecurity measures compound these risks. Unlike large corporations, many schools and universities operate under constrained budgets that can restrict their ability to implement and maintain robust cybersecurity defenses. Additionally, the diverse and decentralized nature of academic IT environments, encompassing many devices, users, and access points, further complicates effective security management.
“Universities or school districts can have as many user accounts as some global multinational businesses,” noted Ilia Sotnikov, Security Strategist at Netwrix. “While educational institutions may have the same complexity as large organizations, they typically lack matching budgets and resources to deal with their dynamic environments. This disparity creates exploitable weaknesses that cybercriminals are quick to target.”
Sector – Netwrix
The report indicates that institutions with hybrid IT infrastructures are particularly vulnerable. With 81% of educational institutions operating a combination of on-premises and cloud-based systems, maintaining consistent and comprehensive security protocols becomes increasingly challenging. Cloud environments, in particular, have been identified as more frequently targeted due to lax security configurations and oversight.
Significant Consequences and Financial Implications
The repercussions of these cyberattacks on educational institutions are profound and far-reaching. Nearly half (47%) of the institutions impacted reported incurring unplanned expenses to address security gaps exposed by the attacks. Additionally, one in seven faced compliance fines, and 10% experienced changes in senior leadership and legal actions as direct consequences of security breaches. Beyond financial losses, these incidents can severely damage reputations, erode stakeholder trust, and disrupt critical educational and research activities.
Sector – Netwrix
“In the aftermath of a breach, organizations must prioritize remediation steps to reduce risks moving forward,” advised Schrader. “Immediate responses may include patching software on the most critical servers and implementing additional security protocols, but longer-term solutions often require significant investments in advanced security technologies and personnel, which can strain already limited budgets.”
Strategic Measures for Enhanced Security Posture
The report advocates for a multifaceted approach to strengthening cybersecurity within educational institutions to counter these escalating threats. Key recommendations include enforcing stringent password policies, widespread implementation of multifactor authentication (MFA), and adherence to the principle of least privilege to limit unnecessary access to sensitive data. Regular security training for staff and students, investment in advanced threat detection and response systems, and comprehensive incident response planning are also emphasized as critical components of a robust security strategy.
“Proactive and strategic investment in cybersecurity is no longer optional but essential for educational institutions to protect their data assets and uphold their educational and research missions,” Sotnikov emphasized. “Collaboration between educational institutions and their industry partners should also extend to sharing best practices and resources for cybersecurity to ensure mutual protection against common threats.”
Conclusion
As cyber threats evolve in scale and sophistication, educational institutions must recognize and address their unique vulnerabilities, particularly those arising from collaborative research activities that involve handling sensitive and proprietary information. Strengthening cybersecurity infrastructures and practices is imperative to safeguard the institutions and the broader ecosystem of partners and stakeholders that rely on academic research and data integrity and security.
Source: 2024 Hybrid Security Trends Report – Education Sector – Netwrix
Other News: Cyberattack at Port of Seattle is the latest example of increasing threats to critical infrastructure.
Other News: FortiFI: One-Stop Cyber Insurance for Financial Institutions(Opens in a new browser tab)