Code orange in the new academic year… for security
The new academic year has started. Albeit under code orange owing to the threat of coronavirus infection. But educational institutions need to keep an eye on the possible infection of their computers and IT network, as well. Because educational institutions are increasingly the favourite target of cybercriminals.
In the past few months and years, more and more attacks have been seen at educational institutions, from secondary schools to big school groups and universities. One of the institutions that fell victim recently is the Luca School of Arts. Following a cyberattack, their internet line and impacted servers had to be switched off to contain the hackers’ footprint. ‘The hackers got in via a phishing email that a member of staff clicked on. Now, six months later, we are still working flat out to restart the IT facilities in a reinforced environment’, says Wim Pauwels, Head of Infrastructure at the LUCA School of Arts. To prevent such occurrences in the future, the LUCA IT team has taken a raft of measures for the new academic year. For instance, they have invested in a solution that monitors incidents at the end points 24/7 and they have implemented a new, reinforced infrastructure.
In addition to ransomware attacks, a wide range of other techniques are used against educational institutions. The most frequent are DDoS attacks and fake invoice scams where the aim is to try and intercept the flow of payment transactions. But unlike in the business world, hackers do not target educational institutions because of the money. Such establishments are not rich. They do have research data that may be of interest to hackers and for industrial espionage. But in general, hackers set their sights on the education sector because it is particularly vulnerable. Factors that play a role here include the many contact points with the network (owing to the thousands of students) and the open culture intended to stimulate creativity and research.
The institutions are also vulnerable because hackers remain active all the time: at the weekend, after class time or in the school holidays, but they are often operating from other time zones, too. Smaller educational institutions in particular, with limited IT teams, such as the LUCA School of Arts, do not have 24/7 capacity. Whereas for a good security policy you need a 24/7 service provision that continuously checks the systems and takes immediate action as soon as malicious activity occurs. This is crucially important to limit the impact of an incident. It’s also the reason why the LUCA School of Arts has opted for a 24/7 threat monitoring service. A smaller educational institution can no longer do everything itself. The teams are often small and they do not have the necessary in-house cybersecurity knowledge. For this reason, and with the budget in mind, too, the institution opted for a managed security service.
What educational institutions can do
It’s important that as an institution, you know your vulnerabilities. Where are the weak points? Are the users insufficiently aware? Do you have a network that is too open? Or a weak Privileged Access policy? Or do your weaknesses lie elsewhere? You can opt to train your end users, segment your network and implement vulnerability management.
Cybersecurity on the agenda
Cybersecurity was already high on the list of priorities among IT teams. They are more alert, although in the past few months their attention has focused on introducing online distance learning. This alertness is starting to increase at management level, too. Particularly as several educational institutions (in Maastricht, Antwerp, Genk, the LUCA School of Arts, etc.) have recently been hit by a cyberattack. They have seen the impact that this can have. So for some time now, more and more management boards have started releasing the necessary resources for cybersecurity. More and more institutions are also beginning to do their sums, impact vs costs. Prevention is still better than cure.
Share the post