Cybersecurity in Tertiary Education: A Growing Concern

When we think about industries that cybercriminals might target, tertiary education likely doesn’t spring to mind. However, the latest edition of Microsoft’s Cyber Signals report reveals a startling reality: education was the third most targeted industry in the second quarter of this year. The combination of valuable data and inherent vulnerabilities within educational systems has attracted a variety of attackers, from those employing sophisticated malware techniques to nation-state actors engaged in traditional espionage.

The African Context: A Hotbed for Cyberattacks

This issue is particularly pressing for tertiary institutions in Africa, which has emerged as one of the most targeted regions globally for cyberattacks. A recent study examining 60 Kenyan universities highlighted a troubling trend: many institutions are grappling with frequent hacks while simultaneously lacking adequate cybersecurity policies and controls. This includes deficiencies in organizational, human, physical, and technological resources.

For instance, last year, a prominent Moroccan university experienced a significant security breach involving its master’s degree nomination platform. Similarly, a private university in Nigeria had its website completely overtaken by hackers. These incidents underscore the urgent need for enhanced cybersecurity measures in the education sector.

The Scale of the Threat

The Cyber Signals report paints a grim picture of the current threat landscape. In the past year alone, more than 15,000 emails containing malicious QR codes were sent daily to educational institutions using Microsoft Office 365 email. This statistic highlights the targeted and persistent nature of cyber threats facing the sector.

Why Are Hackers Targeting Education?

Several factors contribute to the education sector’s vulnerability to cyberattacks:

1. Diverse User Base: Unlike typical enterprises, universities host a wide array of users—students, faculty, administrative staff, and external collaborators. This open and dynamic environment, characterized by frequent activities and a mix of international students, creates a fertile ground for cybercriminals.

2. Relaxed Email Security: The open nature of university environments often leads to a more relaxed approach to email security. With a high volume of emails, institutions struggle to implement stringent controls while remaining accessible to alumni, donors, and external partners. This lack of robust security measures makes them prime targets for attacks.

3. Unmanaged Devices: The shift to virtual and remote learning has extended educational applications into homes and offices, where personal and shared devices—often unmanaged—are prevalent. Students, who may not be well-versed in cybersecurity, can inadvertently expose their devices to risks.

4. Legacy Infrastructure: Many tertiary institutions face funding and operational challenges, resulting in a mix of cutting-edge digital classrooms and outdated IT assets. This patchwork of systems complicates the management and safeguarding of sensitive data, leaving institutions vulnerable to attacks.

5. Attractive Targets for Nation-State Actors: Cybercriminals recognize that educational institutions handle sensitive, regulated information and must remain accessible. This makes them prime targets for ransomware and extortion. Universities are also hubs for valuable intellectual property and cutting-edge research, often in collaboration with government agencies, making them attractive to attackers seeking to steal or leverage sensitive data.

Strengthening Cybersecurity Measures

While enhancing cybersecurity can seem daunting and costly for educational institutions, there are actionable steps they can take to protect themselves:

Understanding the Threat Landscape

A clear understanding of the threat environment is crucial. Resources like the Cyber Signals report provide invaluable insights for chief information security officers and their teams, helping them refine technologies, policies, and processes. This quarterly cyber threat intelligence brief, informed by the latest Microsoft threat data and research, underscores the importance of staying informed about current threats and tactics used by cybercriminals.

Promoting Cyber Hygiene

Maintaining strong cyber hygiene is essential. Raising awareness of security risks and promoting good practices among students, faculty, staff, and administrators can help create a safer environment. For IT and security professionals in education, starting with the basics and gradually enhancing security measures is a prudent approach.

Centralizing Technology Setup

Centralizing the tech setup can facilitate more effective monitoring of activities and easier identification of vulnerabilities. The Cyber Signals report recommends that IT teams consider using protective domain name services, a free tool that can help block access to harmful websites and mitigate ransomware and other cyberattacks.

Implementing Strong Authentication Measures

To prevent password spray attacks, institutions should enforce strong password policies and implement multifactor authentication (MFA). According to the report, accounts protected by MFA are more than 99.9% less likely to be hacked.

Leveraging AI-Powered Security Tools

For under-resourced IT teams, tools like Microsoft Copilot for Security can significantly enhance the efficiency and capabilities of security defenders. This AI-powered solution aids professionals in various scenarios, including incident response, threat hunting, intelligence gathering, and posture management.

Educating the Community

Lastly, universities must prioritize educating students and staff about good security habits. Encouraging the use of multifactor authentication or passwordless options can significantly reduce the risk of breaches.

Conclusion: Building a Culture of Security

By implementing stronger defenses and proactive measures, universities can better equip themselves to fend off the increasing threats to their sensitive data and groundbreaking research. Building a robust security posture is not solely about technology; it also involves fostering a vigilant culture prepared to manage potential attacks. Investing in these measures now will safeguard valuable assets and ensure that critical educational work continues without disruption.

As we navigate this evolving landscape, it is imperative for educational institutions to recognize the importance of cybersecurity and take proactive steps to protect their communities. The future of education depends not only on the knowledge imparted but also on the security of the systems that support it.

Read Also: Securing Africa’s Digital Future Will Require Robust Cybersecurity Readiness

By Phyllis Migwi, Country General Manager, Microsoft Kenya.