Cybersecurity in Tertiary Education: A Growing Concern
When considering industries that cybercriminals might target, tertiary education often doesn’t top the list. However, recent findings from Microsoft’s Cyber Signals report reveal that education was the third most targeted industry in the second quarter of this year. The combination of valuable data and inherent vulnerabilities within educational systems has attracted a range of attackers, from those employing sophisticated malware techniques to nation-state actors engaged in traditional espionage.
The Cyber Threat Landscape in Africa
This issue is particularly pressing for tertiary institutions in Africa, which have become some of the most targeted regions globally for cyberattacks. A recent study of 60 Kenyan universities indicated that most of these institutions were experiencing hacks while simultaneously grappling with inadequate cybersecurity policies and controls. These deficiencies span organizational, human, physical, and technological resources.
In 2022, a prominent Moroccan institution faced a significant security breach involving its master’s degree nomination platform, while a private university in Nigeria had its entire website compromised by hackers. Such incidents illustrate the alarming trend of cyberattacks in the education sector, highlighting the urgent need for improved cybersecurity measures.
The Scale of Cyber Threats
According to the Cyber Signals report, over the past year, more than 15,000 emails containing malicious QR codes were sent daily to educational institutions using Microsoft Office 365 email. This statistic underscores the targeted and persistent nature of these threats, revealing a landscape where cybercriminals are increasingly sophisticated and relentless.
Why Are Educational Institutions Targeted?
Several factors contribute to the education sector being a prime target for cybercriminals:
Diverse User Base
Unlike typical enterprises, universities host a diverse group of users, including students, faculty, administrative staff, and external collaborators. This open and dynamic environment, characterized by frequent activities and international students, makes educational institutions particularly vulnerable to cyberattacks.
Email Systems and Security Gaps
The inherent openness of university environments often leads to a more relaxed approach to email security. With a high volume of emails creating noise in the system, institutions struggle to implement effective controls while maintaining accessibility for alumni, donors, and external partnerships. This combination of openness and inadequate security measures makes universities prime targets for cyberattacks.
Remote Learning and Device Management
The rise of virtual and remote learning has extended educational applications into homes and offices, leading to the proliferation of personal and shared devices that are often unmanaged. Students, who may not be well-versed in cybersecurity practices, can inadvertently expose their devices to risks, further compounding the vulnerabilities faced by educational institutions.
Legacy Infrastructure
Many tertiary education institutions grapple with funding and operational challenges, resulting in a mix of cutting-edge digital classrooms and outdated IT assets. Managing and safeguarding these varied systems is a daunting task, particularly when retaining cybersecurity experts proves difficult. This legacy infrastructure leaves educational systems more susceptible to attacks.
Valuable Intellectual Property
Cybercriminals recognize that educational institutions handle sensitive, regulated information and must remain accessible, making them attractive targets for ransomware and extortion. Universities are often hubs for valuable intellectual property and cutting-edge research, frequently collaborating with government agencies. This makes them appealing to attackers seeking to steal or leverage sensitive data.
Strengthening Cybersecurity Measures
While enhancing security measures can be a daunting and costly endeavor for educational institutions, there are actionable steps they can take to protect themselves.
Understanding the Threat Environment
A clear understanding of the threat landscape is crucial. Reports like Cyber Signals serve as invaluable resources for chief information security officers and their teams as they refine technologies, policies, and processes. These quarterly cyberthreat intelligence briefs, informed by the latest Microsoft threat data and research, provide expert insights into current threats and the tactics employed by cybercriminals.
Promoting Cyber Hygiene
Maintaining strong cyber hygiene is essential. Raising awareness of security risks and promoting good practices among students, faculty, staff, and administrators can help create a safer environment. Educational institutions should prioritize training and resources that empower their communities to recognize and respond to potential threats.
Centralizing Technology and Monitoring
For IT and security professionals in education, starting with the basics and enhancing security protocols is a prudent approach. Centralizing the tech setup can facilitate more effective monitoring of activities and easier identification of vulnerabilities. The Cyber Signals report recommends considering tools like “protective domain name service,” which can help block access to harmful websites and mitigate ransomware threats.
Implementing Strong Authentication Measures
To prevent password spray attacks, institutions should enforce strong password policies and implement multifactor authentication (MFA). According to the report, accounts with MFA are more than 99.9% less likely to be hacked, making it a critical component of any cybersecurity strategy.
Leveraging AI-Powered Security Solutions
For under-resourced IT teams, tools such as Microsoft Copilot for Security can significantly enhance the efficiency and capabilities of security defenders. This AI-powered solution provides an assistive experience, supporting professionals in various scenarios, including incident response, threat hunting, intelligence gathering, and posture management.
Fostering a Culture of Security
It is equally important for universities to educate students and staff about good security habits. Encouraging the use of multifactor authentication or passwordless options can significantly reduce the risk of account compromise. By fostering a culture of vigilance and awareness, educational institutions can better prepare their communities to manage potential cyber threats.
Conclusion
By implementing stronger defenses and proactive measures, universities can better equip themselves to fend off the increasing threats to their sensitive data and groundbreaking research. Building a solid security posture is not solely about technology; it also involves cultivating a culture of awareness and preparedness. Investing in these measures now will safeguard valuable assets and ensure that critical educational work continues without disruption.
As the country director for Microsoft Nigeria, Williams emphasizes the importance of prioritizing cybersecurity in the education sector, ensuring that institutions can navigate the complexities of the digital landscape while protecting their most valuable resources.