UPCEA Updates

By SmartBrief Editors

This post is produced in partnership with UPCEA

It’s no secret that hackers are getting more sophisticated and that no businesses or organizations are immune. A reported 60% of large businesses and more than 50% of high-income charities have experienced cyber security breaches in the last year and a small business is hacked every 19 seconds.

Higher education and other professional learning institutions are hot targets for cyber criminals. Student data, financial information, proprietary information from academic research and intellectual property are all valuable assets to hackers — and they are growing bolder in their pursuits.

Most recently, the US Department of Education backtracked on the impact of a prior alert regarding a security vulnerability of a popular college and university software but the message remains strong: colleges, universities and other learning institutions are targets, too.

These attacks are not relegated to the US, of course. A recent survey from Dell EMC and VMware found that UK research programs are worth an average of $2.7 million USD. In August 2018, Iranian cyber attacks targeted 76 universities in 21 countries, including those located in the US, UK, China, Canada and Switzerland. Other entities were also hit, including the US Department of Labor and the United Nations. Those attacks centered on phishing scams through the email of personnel.

The FBI reports that phishing is still the most popular way for cybercriminals to access data and other sensitive information, costing US businesses $1.6 billion in damages in just two years. In total, 16 domains have been used by the threat actors to host over 300 spoofed websites, including university login pages and online libraries.

It’s clear that the higher education landscape is a lucrative place for hackers to set their focus — and it is not limited to traditional colleges and universities. All professional learning spaces should be aware of the types of cyber attacks and more importantly, prep to avoid them by:

• Prioritizing safety and security. In other words, put the money behind the initiatives for staff training, student awareness and the actual software and device-safety programs.
• Implementing and maintaining the most updated security software and secure IT infrastructures. These are not luxury, nice-to-have items that are considered if there is enough money left in the budget; the protection of operations and student data from hackers and other cyber criminals should be a priority for every college, university and professional learning organization.
• Empowering staff with the knowledge base to avoid common cyberattacks that most often start with phishing scams. Employees must understand that security is not just the job of the IT departments; it is the responsibility of every staff member.

As cybersecurity initiatives evolve, so will the criminals, making strong security measures a permanent priority for colleges, universities and other professional learning spaces.