Cybersecurity in Tertiary Education: A Growing Concern
By Phyllis Migwi
OCT 23
When we think of industries that might attract the attention of cybercriminals, tertiary education is often overlooked. However, the latest edition of Microsoft’s Cyber Signals report reveals a startling reality: education was the third most targeted industry in the second quarter of this year. The combination of valuable data and inherent vulnerabilities within educational systems has made them prime targets for a variety of attackers, ranging from those employing sophisticated malware techniques to nation-state actors engaged in traditional espionage.
The Cyber Threat Landscape in Africa
This issue is particularly pressing for tertiary institutions in Africa, which are among the most targeted regions globally for cyberattacks. A recent study surveying 60 Kenyan universities found that most were experiencing hacks, compounded by a significant lack of adequate cybersecurity policies and controls. This includes deficiencies in organizational, human, physical, and technological resources.
The situation is not isolated; just last year, a prominent Moroccan university suffered a security breach involving its master’s degree nomination platform, while a private university in Nigeria had its website completely taken over by hackers. These incidents underscore the urgent need for enhanced cybersecurity measures across the continent’s educational institutions.
The Scale of the Threat
The Cyber Signals report highlights the alarming scale of the threat. Over the past year, more than 15,000 emails containing malicious QR codes were sent daily to the education sector using Microsoft Office 365 email. This statistic illustrates the targeted and persistent nature of cyber threats facing educational institutions.
Why Are Educational Institutions Targeted?
Several factors contribute to the education sector’s vulnerability to cyberattacks. Unlike typical enterprises, universities host a diverse group of users—students, faculty, administrative staff, and external collaborators. The open and dynamic nature of university environments, characterized by frequent activities and a mix of international students, makes them particularly susceptible to cyber threats.
Email Systems: A Breeding Ground for Compromise
The relaxed approach to email security in educational institutions further exacerbates their vulnerability. With a high volume of emails creating noise in the system, institutions struggle to implement effective controls while remaining accessible to alumni, donors, and external partners. This combination of openness and insufficient security measures makes universities prime targets for cybercriminals.
The Impact of Remote Learning
The shift to virtual and remote learning has also expanded educational applications into homes and offices, introducing unmanaged personal and shared devices into the mix. Students, often lacking cybersecurity awareness, may inadvertently expose their devices to risks, further complicating the security landscape.
Legacy Infrastructure and Cybersecurity Challenges
Tertiary education institutions frequently grapple with funding and operational challenges, leading to a reliance on outdated infrastructure alongside cutting-edge digital classrooms. This disparity complicates the management and safeguarding of various IT systems, particularly when it is difficult to retain cybersecurity experts on staff. As a result, these institutions become increasingly vulnerable to attacks.
The Allure of Intellectual Property
Cybercriminals are acutely aware that educational institutions handle sensitive, regulated information and must remain accessible, making them prime targets for ransomware and extortion. Universities are often hubs for valuable intellectual property and cutting-edge research, frequently collaborating with government agencies. This makes them attractive targets for attackers seeking to steal or leverage sensitive data.
For instance, it can be easier for hackers to initially target someone in the education sector with ties to the defense sector, using that access to launch more convincing phishing attacks on higher-value targets.
Strengthening Cybersecurity Measures
While enhancing security measures can seem daunting and costly for educational institutions, there are actionable steps they can take to protect themselves.
Understanding the Threat Environment
A clear understanding of the threat landscape is essential. Reports like Cyber Signals serve as invaluable resources for chief information security officers and their teams, helping them refine technologies, policies, and processes. This quarterly cyber threat intelligence brief, informed by the latest Microsoft threat data and research, provides insights into current threats and the tactics employed by cybercriminals.
Promoting Cyber Hygiene
Maintaining strong cyber hygiene is crucial. Raising awareness of security risks and promoting good practices among students, faculty, staff, and administrators can help create a safer environment. IT and security professionals in education should start with the basics, centralizing tech setups to monitor activities more effectively and identify vulnerabilities.
Implementing Protective Measures
The Cyber Signals report recommends that IT teams consider using "protective domain name service," a free tool that can help block access to harmful websites and prevent ransomware and other cyberattacks. Additionally, enforcing strong passwords and implementing multifactor authentication can significantly reduce the risk of password spray attacks.
For under-resourced IT teams, tools like Microsoft Copilot for Security can enhance the efficiency and capabilities of security defenders, allowing them to improve their security outcomes at machine speed and scale. This AI-powered solution supports professionals in various scenarios, including incident response, threat hunting, intelligence gathering, and posture management.
Educating the Community
It is also vital for universities to educate students and staff about good security habits, encouraging the use of multifactor authentication or passwordless options. According to the report, accounts protected by multifactor authentication are more than 99.9% less likely to be hacked.
Conclusion: Building a Resilient Security Posture
By implementing stronger defenses and proactive measures, universities can better equip themselves to fend off the increasing threats to their sensitive data and groundbreaking research. Building a solid security posture is not solely about technology; it also involves fostering a culture of vigilance ready to manage potential attacks. Investing in these measures now will safeguard valuable assets and ensure that critical educational work continues without disruption.
Migwi is the Country General Manager at Microsoft Kenya.