Universities and educational institutions are facing an unprecedented wave of cyberattacks, with reports indicating that the education sector is among the most targeted industries in the digital landscape. According to Microsoft’s “Cyber Signals” report, education ranked as the third most targeted industry in the second quarter of 2024. The data corroborates findings from Check Point Software, revealing that educational and research organizations are experiencing over 2,500 cyberattacks weekly, marking a 15% increase over the past few years.
The United States stands out as one of the hardest-hit regions, with schools and related entities worldwide facing similar risks. In Europe, 43% of higher education institutions report experiencing cyber incidents at least once a week, showcasing the pervasive nature of these threats. However, schools catering to younger age groups seem to encounter cyberattacks at a lower frequency, ranging from 13% to 16%.
Microsoft highlights that educational institutions present a unique target for cybercriminals due to their diverse functions, vulnerabilities, and legacy infrastructure challenges. Universities, in particular, serve as multifaceted organizations, acting as financial institutions, healthcare providers, housing facilities, and data repositories concurrently. These entities handle payment systems, websites, networks, and personal information for numerous individuals, making them appealing targets for malicious actors.
The complexities of educational environments expose them to various cybersecurity challenges affecting other industries. The blend of new and outdated technologies, budget constraints in public schools, scarcity of cybersecurity experts, and the proliferation of personal devices used on campuses contribute to the vulnerabilities faced by educational institutions. Furthermore, the shift to virtual learning has expanded the attack surface, creating additional security risks.
One significant concern in educational settings is the prevalence of “bring your own device” (BYOD) practices, where students and teachers use personal devices that may compromise network security. Additionally, the rise of phishing attacks targeting educational institutions, such as “quishing” scams involving QR codes, underscores the need for heightened vigilance and security measures.
Corey Lee, the security chief technology officer (CTO) for Microsoft’s M365 Security, emphasizes the challenges faced by schools in implementing effective cybersecurity measures. The collaborative nature of educational environments and the lack of robust email filtering and response capabilities make it difficult to combat sophisticated cyber threats like business email compromise attacks.
To address these escalating cybersecurity concerns, many universities have established security operations centers (SOCs) to enhance their threat detection and response capabilities. Institutions like Oregon State University, Louisiana State University, the University of Cincinnati, and California Polytechnic State University have invested in SOCs to bolster their cybersecurity posture. In Texas, the Department of Information Resources collaborates with Angelo State University to operate a Regional Security Operations Center, showcasing a collaborative approach to cybersecurity in the education sector.
Recognizing the shortage of cybersecurity professionals in the industry, educational institutions are tapping into their student body as a valuable resource for cybersecurity defense. Student-staffed SOCs not only safeguard universities but also contribute to training the next generation of cybersecurity experts, addressing the talent gap while fortifying the cybersecurity defenses of educational institutions and beyond. As Corey Lee notes, engaging students in cybersecurity initiatives helps build a resilient defense strategy and fosters a cybersecurity-conscious culture within educational environments.