Higher learning institutions operate on budgets that are not always as high as they would like, so tech is often neglected in favor of other investments. This leaves them open to cyberattacks that not only cause financial distress but also harm their reputation. Attacks target such vital information as social security numbers for staff and students and intellectual property that institutions would rather keep safe.
These days, hackers are demanding more than just information; they ask for ransom or blackmail victims into doing things that could destroy them in one way or another. Although financial constraints may prevent universities from taking the latest cybersecurity measures, the damage is becoming too much.
Here's why cybersecurity is important at school and business:
Cyberattacks get more sophisticated each time, so that now a computer in the US is attacked every 39 seconds. Even scarier is the fact that these attacks are getting more complex each time, affecting many people at once. These random attacks are becoming harder to detect without top gear, so institutions lose loads of data. At some point where ransom demanded is so substantive, schools may have to close down as they haven't always planned for such issues. In cases where the demand made is too much – such as when the victim is asked to perform acts they may not live with – these attacks could lead to loss of life through suicide. Sadly, some of these cases – suicides at school – are swept under the rag to protect the institution's reputation.
IT students – and other users - celebrate faster internet speeds as we advance to 5G, but that could open us up to cyber attacks. The software may be more vulnerable due to an emerging ecosystem of networks. Also, IoT and exponentially increased numbers of connected computers – such that we may have a network of over 200 billion connected devices – increases the chances of an attack. These days, these attacks need no human intervention as they are automated, making them even easier to execute.
We cannot overlook cloud computing that is now becoming more and more popular with schools and organizations. While it is yet another advancement worth celebrating, it also presents one more platform for hackers to target. These exposures are a little too varied for a simple cybersecurity plan.
Standard Query Language manages communications among databases that are usually password-protected for safety. SQL Injections exploit weaknesses in the code written to access these passwords and usernames so that a hacker has easy access to these pages after the code is compromised. Russia used this kind of attack to access information to dozens of US universities in 2017, including two in the Ivy League. These attacks are the most prominent in higher learning institutions for the sheer number of password-protected applications they have and will continue as long as they are vulnerable.
University staff can prevent or minimize these attacks in these ways:
One of the ways you get attacked when using a school laptop or PC to access a site is through a Man-in-the-Middle (MiTM) Attack where a third party interjects communication. The malicious software gains access when you use public Wi-Fi networks at coffee shops or such, so you want to be careful when accessing these. Since it can be hard to detect, you are safer using a VPN when working with public networks. VPN should be the fist app you should download as student.
This one's an old trick – sending malicious emails through email. As hackers get better, they try as best as they can to get you to open the email by using an address that you may believe to be legit. Before opening any mail, you may want to check the address for misspelling since there will be at least one thing giving it away.
The other way you can put yourself and the entire school system in harm's way is by opening links to compromised websites. In their infinite wisdom, hackers will use the old trick of sending emails using addresses to known sites, but a closer look at the domain will tell you it is not the original. The easiest way not to fall for this is by only clicking on links you know to be legitimate.
While increased attacks are bad for schools and businesses, something positive comes from it. Authorities are increasingly vigilant now and keener to legislate. Laws are now being put in place to protect users of all walks from this harassment, which eventually leads to wins for everyone involved. Harsher penalties may be given to perpetrators if those laws are brought to citizens' attention, so they know how to take action. Till then, we all need to be vigilant when using the public internet.
David Kidwell is a cybersecurity geek who spends most of his time researching the latest news on the topic for Studyclerk. He enjoys hiding from the real-world problems in video games.