Share this article on:
Jon McGettigan of Fortinet offers tips for tertiary institutions battling against malicious actors attempting to tap into sensitive data.
Higher education institutions have felt the brunt of COVID-19 disruptions and now also face increasing cyber threats. The modern learning environment is more digital than ever, partly in response to COVID-19 lockdowns, which necessitated a pivot to online learning. However, universities were already digitally transforming before the pandemic hit, with students benefiting from a deluge of freely available information online, augmented learning tools, and other innovative technologies. Protecting students, staff, and the institution as a whole must be top of mind for university IT departments.
Complementing the increased demand for digital tools are the rapidly evolving networks including 5G and its vastly increased bandwidth. These will make it easier for students and staff to leverage bandwidth-hungry applications including augmented reality, video streaming, and even robotics to undertake research and coursework. However, just as more bandwidth makes legitimate activities faster and more streamlined, it also makes it faster and easier for cyber attackers to launch their attacks.
The global pandemic also introduced new challenges for the education sector. From an operational perspective, it left financial gaps due to the sudden halt of overseas students, thousands of job cuts, and budgets stretched to the limit. Devices were bought and configured rapidly and cloud services were quickly scaled as students and staff moved to remote learning. This meant security came second to the urgency of getting online learning and remote working up and running quickly.
The Australian education and research sector suffered 122 cyber attacks in the 2020 financial year, according to the most recent report by the Australian Cyber Security Centre. In the Office of the Australian Information Commissioner’s most recent report on notifiable data breaches, the education sector is ranked number three in the top five industry sectors at risk of data breaches.
According to the Fortinet Networking and Cybersecurity Adoption Index 2021, less than half (45 per cent) of all large Australian organisations were very confident that their networking and cloud security technologies were sufficient to protect current data assets and IT infrastructure.
There are five emerging cyber security risks that higher education providers need to be aware of:
1. Data theft and ransomware
Higher education institutions store a large amount of personally identifiable data and research information. This makes them highly attractive targets for nation-state threat actors, individuals, and competitors. Cyber criminals can steal data and research to monetise it but also to gain an economic, political, or military advantage. For example, cyber espionage criminals may spy to develop medical treatments, products, and other innovations that they can commercialise and monetise without incurring research and development expenditure.
Additionally, these institutions can fall victim to ransomware attacks, which are rapidly increasing. These attacks lock up valuable data, making it unusable, then demand a payment to release the data. If a university’s research projects and online learning were unable to proceed, this could cause massive disruption.
2. Transparency and decentralised IT
Higher education institutions subscribe to strong principles of academic transparency and information sharing. These same platforms that help universities collaborate, such as information-rich websites, can leave them vulnerable to malicious attacks if not proactively secured. At the same time, higher education institutions tend to operate in a decentralised manner, with each faculty or school responsible for its own IT and cyber security. This can make individual departments more vulnerable to cyber threats and make it challenging to develop an overarching strategy that protects the entire organisation.
3. Unique threats
Staff and students use personal and often unsecured devices to connect to university networks via a direct connection or virtual private network (VPN) to access and store data. This threat is exacerbated by the fact that students usually have minimal training or awareness around cyber security, which means they can inadvertently introduce threats into the network.
4. Increasing complexity
Before the coronavirus pandemic, the defined network edge was disappearing, with more devices accessing the university network from a variety of locations outside the university’s firewalls. Now, that process has been accelerated. While previously users worked inside a secure perimeter, most users are now outside that perimeter and yet they need to be able to function as effectively and securely as if they were still inside. This, along with the introduction of internet of things (IoT) devices, cloud servers, and more endpoint devices, has increased the attack surface considerably.
Higher education institutions have invested in more point products to cover the specific threats that have emerged. However, this has added more complexity, is challenging to monitor, and makes it practically impossible to deal with the large volume of alerts sent by all these products.
5. Stretched resources
A university’s large user base doesn’t correlate with its revenue. Large private enterprises with a similar-sized user base have substantially higher revenues, making it easier for them to allocate the resources required to manage the huge throughput requirements of a large organisation. Universities have suffered resource shortages and staff cuts, making the challenge even harder to solve.
How to address these challenges effectively
Universities can take three key steps to mitigate the risk of cyber attack:
1. Evaluate
It’s important to understand current systems and their vulnerabilities, including how information is managed and protected. A risk assessment should provide full visibility to eliminate blind spots and identify security gaps.
2. Protect
Protecting data is essential. Multifactor authentication is a good starting point to control access. Universities also need to understand how malware will enter the system and predict attacks through threat intelligence.
Having a multitude of disparate security tools in place creates more risk and work. Combatting this requires a security fabric approach that reduces risk and complexity by creating an environment in which all security tools integrate with each other seamlessly to create a more efficient, cost-effective, and reliable security approach.
3. Train
Users need to be trained on the importance of having strong passwords, identifying phishing attacks, and updating devices. This requires ongoing communication and a proactive approach.
Given the immense pressure put on higher education institutions in the wake of lower international student numbers, getting cyber security right while lowering complexity and cost is a strategic imperative for these organisations. Universities should look to work with a partner that provides an overarching security fabric that improves protection and visibility across the board.
Jon McGettigan is the regional director, Australia, New Zealand, and the Pacific Islands at Fortinet.