Colleges and universities are increasingly difficult to get into, at least from a student’s perspective. But cybercriminals feel differently, as higher education institutions have been a common target for targeted ransomware attacks in recent months.

In fact, more than 1,000 schools in the United States fell victim to ransomware attacks over the past year alone. Institutions like Austin Peay State University, which recently experienced a cyberattack, have been forced to shut down their systems and temporarily suspend operations as a result of these attacks — causing chaos and major disruption. In a worst case scenario, Lincoln College announced they were forced to permanently shut down the 157-year-old university in part due to a ransomware attack.

Even more alarming is that these numbers are consistent with the trends seen in 2020, prompting the questions:

• Why are universities at a higher risk of cyberattacks?
• How can security leaders within these institutions work to prevent attacks moving forward?

Identifying the security gaps

There are a handful of security gaps most higher education institutions face that make them more vulnerable to cyberattacks.

First and foremost, a lack of cybersecurity awareness and training, limited funding, and resources stretched thin to stay on top of cyberattacks create the ideal environment for criminals to gain access to substantial amounts of personal student data or research data.

Additionally, many universities don’t effectively communicate with students and staff about the avenues being used by cybercriminals in order to penetrate the university’s network. For example, nefarious actors have the ability to simulate university communications or take advantage of new students and professors who are less likely to be able to identify these types of attacks.

Outdated applications also pose a major risk when it comes to the cybersecurity structure of higher education institutions. Both staff and students are extremely busy, meaning it is common for them to work with different applications across various networks daily. Most of the time, these applications are not always maintained and updated, creating holes in an organization’s security posture that attackers will leverage. Additionally, given that a majority of students are using their personal devices such as laptops and smartphones while on campus, it becomes incredibly difficult for the institution to build a strong cybersecurity structure as these devices are constantly connected to new and possible unsecured networks once students step off campus.

Strengthening security posture

In order to offset these issues, universities should consider the following best practices to strengthen their security posture.

• Ensure proper security and awareness training programs: Every new staff member, including professors and operations crew, as well as students, should be required to complete a cybersecurity awareness training program before their device can be connected to the university’s network. This will arm new students and faculty with the basic cybersecurity knowledge they need to help protect both themselves and the university’s network. 
• Invest in anti-phishing and anti-virus technology: While these types of technology can seem expensive up front, the impact they hold long-term is invaluable when it comes to protecting a university’s network. 
• Increase visibility: Until higher learning institutions gain a better understanding of their overall attack surface — endpoints, network access, servers and virtual machines — they will not have the ability to quickly pinpoint the initial stages of a ransomware attack or isolate any compromised hosts in time.
• Create a student-run Security Operations Center (SOC): This will not only help students gain experience within the cybersecurity field, but is a key step to alleviating the lack of staffing in the cybersecurity industry. 
• Offer cybersecurity internships and classes: These courses are paramount to a cyber professional’s training. The opportunities would ideally be equipped with real-world scenarios that teach students how to handle a potential cyberattack when in the field.

Unfortunately for many higher education institutions, hindsight is 20/20 when it comes to reflecting on what could have been done following a cybersecurity breach. To defend against future attacks, universities need to take these threats seriously and implement stronger cybersecurity measures to remain vigilant in today’s shifting threat landscape.