A rise in cyberattacks - particularly ransomware - is impacting academic institutions, putting educational goals at risk.
It’s time to sound the alarm. The sheer number and sophistication of cyberattacks on educational institutions around the globe has reached crisis levels. While the recent shift to cloud-based virtual learning brought certain advantages, it has also made it even easier for hackers to further exploit educational environments.1 This is a sector under siege.
Unfortunately, these bold statements are not hyperbole, but rather, a reflection of real-world statistics. For example, between August and September 2021, educational organisations were the target of more than 5.8 million malware attacks globally, or 63 percent of all such attacks.2 Data released in 2022 confirm education and research are still the most targeted industry. The report identifies Australia/New Zealand as the most heavily attacked region, followed by Asia and Europe, with Latin America experiencing the largest increase in weekly cyberattacks.3
In the U.S., the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) came together in 2022 to issue a warning to educational institutions, to let them know they were being disproportionately targeted.4
And it’s not just about fending off the volume of attacks, the increase in scope and scale of cyberattacks, and notably ransomware attacks, are severely impacting institutions ability to function, globally. Take for example:
- A ransomware attack on Los Angeles Unified School District (LAUSD) in September 2022 prompted an unprecedented shutdown of computer systems that led to ongoing disruptions to email, computer systems and applications.5
- A cyberattack in the UK in 2021 shutdown email, phone and website communications at 15 schools, bringing online learning to a halt.6
- A large-scale cyberattack on the Universidad El Bosque in Bogotá, Colombia, in 2021 compromised institutional, academic and financial platforms for three days.7
Students and faculty are losing valuable classroom time and information, putting educational goals at risk. Cyberattacks are also damaging institutions’ reputations and trust, which can lead to lower enrolment and lost revenue. One such institution is 157-year-old Lincoln College in Illinois which was forced to permanently close its doors in May 2022 after a ransomware attack created debilitating financial issues.8
Thinking outside the box
New security strategies are required. Today breaches are being felt around the world, even with traditional approaches to cybersecurity in place. In 2019, the National Cyber Security Centre in the United Kingdom found that 83 percent of 432 schools analysed had been hit by at least one cybersecurity event, even though 98 percent had antivirus solutions in place and 99 percent had a firewall. Tried and true is no longer good enough.
Castle and moat, and defense-in-depth security strategies may have been effective in their day, however, in today’s world where the internet and handheld devices dominate, walls are being breached. The network edge — and the potential for unauthorised network access — can now easily extend well beyond the physical campus perimeter.
Security is an evolving landscape. Institutions willing to take on the challenge of making security a priority can enhance their reputation, educational brand and public image.
Protecting themselves from cyberattacks and avoiding the negative publicity that comes with such events also helps attract and retain students. As well, it puts the institution ahead of the pack in terms of best practices that other institutions can emulate and strengthens education network defenses against cyberattacks.
The good news is, with an effective cybersecurity approach, such as zero trust network access (ZTNA), academic institutions can focus on teaching and learning, rather than technologies and threats. A zero trust strategy — as the name suggests — trusts no user, no device and no application, no matter where it is, on or off campus, or in the cloud. Stay tuned for my next blog where we’ll take a deeper dive on ZTNA and how you can develop your cybersecurity strategy.
Learn more about Alcatel-Lucent Enterprise solutions for the education sector.
Learn more by reading our "Comprehensive cybersecurity on campus" infographic