Categories
Uncategorized

Emerging Cybersecurity Threats in Education

Cyber Security Awareness Month 2024

Emerging Cybersecurity Threats in Education

The education sector is increasingly becoming a prime target for cybercriminals, with colleges and universities facing a surge in sophisticated attacks. As these institutions continue to expand their digital footprints through remote learning, online collaboration, and data-driven research, they are confronted with emerging cybersecurity threats that can disrupt operations, compromise sensitive data, and jeopardise the privacy of students and staff. Understanding these evolving threats is crucial for developing robust defences and maintaining a secure learning environment.

 

What are the threats?

  • Ransomware Attacks

Ransomware remains a significant threat to the education sector. In these attacks, cybercriminals encrypt an institution’s data and demand a ransom for its release. Universities and colleges are particularly vulnerable due to their reliance on networked systems for teaching, research, and administration. The number of attacks is increasing, and we all must be vigilant.

Ransomware attacks are becoming more sophisticated, with attackers using double extortion tactics—threatening to release sensitive data if the ransom is not paid.

Attackers are exploiting remote learning platforms and VPN vulnerabilities to gain access to institutional networks.

To protect against this threat:

  • In order to counteract this threat, regular backups should be configured and stored securely offline, ideally following the 3-2-1-1-0
  • Educate staff and students about phishing and suspicious email links, as these are common entry points for ransomware.
  • Ensure all software and systems are regularly updated and patched to protect against known vulnerabilities.

 

  • Phishing Scams and Social Engineering

Phishing scams are on the rise in the education sector, with attackers using emails, phone calls, and social media to trick students, faculty, and staff into revealing sensitive information. Cybercriminals often impersonate trusted entities, such as university administration or IT departments, to gain access to credentials, financial information, or internal systems.

Sophisticated phishing campaigns are targeting specific departments, such as financial aid offices, to steal student loan or grant funds.

There is an increased use of social engineering tactics, such as impersonating professors or researchers to gain access to research data or credentials. This can be achieved through the use of AI voice scamming.

To protect against this threat:

  • Deploy advanced email filtering tools that detect and block suspicious messages.
  • Conduct regular training sessions to help users recognise phishing attempts and other social engineering tactics.
  • Encourage reporting of suspicious emails and establish clear protocols for verifying communications.
  • A Safe Phrase is a pre-arranged phrase that you and your close circle can use to confirm you’re genuinely communicating with each other. It can be anything, as long as it’s: Simple but unexpected. Easy to recall.

 

  • Data Breaches and Intellectual Property Theft

Educational institutions are rich repositories of valuable data, including personal information, financial data, and intellectual property (IP) such as research findings and academic work. Cybercriminals and state-sponsored actors may target this data for financial gain, espionage, or sabotage.

There is a growing number of attacks targeting research data, especially in fields like medicine, engineering, and technology, where IP can be monetised or leveraged.

Insider threats are also on the rise, with employees or students intentionally or unintentionally exposing data to unauthorised parties.

To protect against this threat:

  • Strong access controls should be implemented, ensuring only authorised users have access to sensitive data.
  • Regularly audit data access and usage to detect unusual behaviour.
  • Use encryption for sensitive data, both at rest and in transit, to protect it from unauthorised access.

 

  • Distributed Denial of Service (DDoS) Attacks

DDoS attacks aim to disrupt an institution’s online services by overwhelming them with traffic, rendering websites, online portals, and learning management systems (LMS) unavailable. These attacks can severely impact remote learning, research, and administrative functions.

DDoS attacks are increasingly targeting online learning platforms and exam portals, causing significant disruptions during critical academic periods.

Attackers may use DDoS as a diversionary tactic while conducting more targeted attacks, such as data breaches or malware infections.

To protect against this threat:

  • Use DDoS protection services (such as the Jisc DDoS mitigation services) that can absorb and mitigate large-scale attacks.
  • Develop an incident response plan specifically for DDoS attacks to ensure quick recovery.
  • Monitor network traffic for unusual patterns that may indicate an impending attack.

 

 

  • IoT Vulnerabilities

With the growing use of Internet of Things (IoT) devices on campuses—such as smart cameras, lighting systems, HVAC controls, and connected learning tools—there are new vulnerabilities that cybercriminals can exploit. These devices often lack robust security features, making them easy targets for attackers seeking access to broader institutional networks.

There are increased attacks on connected devices, such as smart printers or surveillance cameras, to gain access to networks or launch broader attacks.

Threat actors are using compromised IoT devices to create botnets for DDoS attacks or other malicious activities.

To protect against this threat:

  • Implement network segmentation to isolate IoT devices from critical systems and data.
  • Regularly update the firmware and software of all connected devices to protect against known vulnerabilities.
  • Use strong, unique passwords for IoT devices and disable unnecessary features or services.

 

  • Artificial Intelligence (AI) and Machine Learning (ML) in Cybersecurity

AI and ML are being leveraged to enhance threat detection and response capabilities amongst other uses. These technologies can analyse vast amounts of data to identify anomalies and detect potential threats in real-time.

There are pros and cons to the use of AI.  It can reduce response times and improve accuracy in detecting threats.

AI can automate routine security tasks, freeing up IT staff to focus on more strategic initiatives.

However, AI can be used by criminals against us all and allow more advanced attacks to take place.

AI is being used for phishing, deepfakes which can be used to impersonate teachers, administrators, or students, spreading misinformation, manipulating public opinion, or damaging reputations.

We all need to catch up the use of AI and ML, ensuring that data privacy is not ignored when using these tools.

To protect against this threat:

  • Ensure you have sufficient policies and procedures in place for the use of these tools in your institution.
  • Provide education and awareness of the use and threats of these tools.
  • Implement strict data validation and cleansing processes to ensure the integrity of datasets used for AI/ML training.
  • Use robust AI models that are resistant to tampering and can detect anomalies in data inputs.
  • Regularly audit AI/ML systems to monitor their performance and identify signs of data manipulation.
  • Conduct frequent security assessments and penetration testing to identify and address potential weaknesses.
  • Have one or more “safe phrases” which you use to verify the person’s identity.

 

Additional Considerations

  • Zero Trust Architecture

Zero Trust is a security model that operates on the principle of “never trust, always verify.” This approach assumes that threats could come from both outside and inside the network, and it requires strict verification for anyone attempting to access resources.

Implementing zero trust architectures minimises the risk of insider threats and unauthorised access.

It also provides continuous monitoring and validation of users and devices, reducing the chances of breaches.

  • Cloud Security Enhancements

With the increased adoption of cloud services for remote learning, collaboration, and data storage, institutions are focusing on improving cloud security. Protecting data in cloud environments requires robust access controls, encryption, and monitoring.

Cloud services offer scalable and flexible solutions for data storage and management.

They provide advanced security features, such as identity and access management (IAM) and automated threat detection.

  • Quantum computing

The emerging threat of quantum computing poses significant cybersecurity challenges to the education sector, particularly in safeguarding sensitive data. Quantum computers, with their ability to process complex calculations exponentially faster than classical computers, could potentially break widely-used encryption methods.

Educational institutions, which store vast amounts of confidential data, ranging from student records to financial information are vulnerable to these advanced attacks. As quantum computing technology develops, traditional encryption standards may become obsolete, leaving the education sector exposed to data breaches and intellectual property theft.

To mitigate this risk, colleges and universities must begin exploring quantum-resistant encryption methods and enhance their overall cybersecurity infrastructure.

 

Cybersecurity Education and Training Programs

Recognising the need for a more cyber-aware culture, institutions should invest in cybersecurity education and training programs for students, faculty, and staff. These programs are designed to build awareness of emerging threats and promote best practices.

By conducting education and training programs, this can reduce the risk of human error, which is a common cause of security incidents.

This will help foster a culture of security awareness across the institution.

 

Conclusion

The cybersecurity landscape in further and higher education is constantly evolving, with new threats and trends emerging that require proactive measures. By understanding these emerging threats and adopting a multi-layered approach to cybersecurity, institutions can better protect their data, ensure continuity of learning, and maintain trust with students, faculty, and stakeholders.

Staying informed, investing in the latest cybersecurity technologies, and promoting a culture of security awareness are key to navigating the complex cybersecurity challenges facing higher education today.

——————————————————————————-

And keep updated by joining the Jisc cyber community group. With more than 2,200 members, it’s a forum for sharing knowledge, best practice and threat intelligence for the benefit of the whole education and research sector.

Explore the latest cyber security technologies, innovations and future insights from both a national and international perspective at Jisc’s Security Conference 2024, 26-27 November, ICC Wales, and 28 November online.

Leave a Reply

Your email address will not be published. Required fields are marked *