Stopping Cyber Attacks in Higher Education
Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. CrowdStrike explores the importance of the right cybersecurity measures.
Last year all organisations, regardless of industry or size, were challenged in ways no one had ever experienced before. The onslaught was unrelenting, and for some organisations, overwhelming.
As stay-at-home orders rippled around the world, education campuses turned into ghost towns virtually overnight. Millions of educators and administrators retreated to hastily equipped home offices. This created a feeding frenzy for cyber criminals, spurred on by the possibility of easy access to sensitive data and networks. At the same time, fear, concern and curiosity surrounding COVID-19 provided the perfect cover for a record-setting increase in social engineering attacks from both eCrime actors and targeted intrusion adversaries.
In responding to COVID-19, the education sector had to rapidly accelerate digital transformation programmes and remote workforce enablement simply to function. This was not lost on adversaries who worked overtime to take advantage of new attack surfaces, exploiting people’s fears, and trying as hard as they could to evade even the strongest traditional security measures.
CrowdStrike’s managed threat hunting team observed major increases in interactive intrusion activity. In two years, there has been a fourfold increase in the number of interactive intrusions (those involving the use of hands-on-keyboard techniques) uncovered. The education sector was also one of the targets of the StellarParticle supply chain attack.
Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. Colleges and universities have become desirable targets, particularly for their research and wealth of personally identifiable information and financial data.
Campus Technology recently ran a survey to understand the unique challenges higher education faces in securing itself and the factors that come into play for choosing cybersecurity countermeasures. While most institutions feel prepared for security breaches, ransomware or other malware, they're also worried their efforts to date won't be enough. Choosing the right cybersecurity partner goes a long way towards protecting the campus.
Cybersecurity incidents: time and expense
Of the 3/4 of institutions that have suffered a cybersecurity incident...
- The median cost spent on recovery was $56,000
- The average cost spent for recovery was $366,000
- 1/3 of them took a month or longer to discover, review and remediate the problem
Worried but ready
- 7 in 10 higher education institutions are both prepared for and concerned about a breach or ransomware attack
- Among those unprepared for a breach or ransomware attack, 1/3 are not concerned
- That lack of concern is considerably lower for those in IT roles and higher for those in non-IT roles:
  - 32% of ALL ROLES ‘not concerned’
  - 17% of IT ROLES ‘not concerned’
  - 38% of NON-IT ROLES ‘not concerned’
Ranking the impact of data risks
The prospect of losing institutional research and intellectual property tops the list when educators prioritise what they're most worried about when it comes to someone gaining unauthorised access to campus data. These are their leading concerns, in order of importance:
- Loss of institutional research and IP
- Expense of data breach remediation
- Damage to college brand and reputation
- Decline in enrolment
- Risks to physical safety
- Security of COVID-19-specific research and IP
These educational institutions find their current cybersecurity solutions offer their own challenges. The main problems they pose are: staff lacking needed skills; too many devices to cover; too many different products in use on campus; too complex; disparate data sources; and alert fatigue.
Ensuring the business of education goes on
The rapid move to a work-from-anywhere environment combined with the daunting number of breaches so far this year has brought the Zero Trust model to the forefront. Zero Trust is the principle that nothing attempting to interact with your network environment should be trusted by default, whether it be users, devices, or applications. It is the recommended approach for organisations requiring the highest level of protection for sensitive data. Organisations should be able to extend their Zero Trust strategy to encompass their remote workforce with the necessary scale to keep enterprises secure and functional. For education institutions in this new normal, it is the only way to operate effectively.
The CrowdStrike cloud protects compute workloads in over 170 countries for thousands of organisations, capturing over four trillion events per week. Put into context, CrowdStrike processes as many events in one day as Twitter users tweet in a year. It is this intelligence that allowed it to be the first to identify and block novel attacks, including ‘NotPetya’.
The CrowdStrike Falcon Platform enables organisations to identify known and unknown malware, detect zero-day threats, pinpoint advanced adversaries’ attribution and prevent damage from targeted attacks in real time. The core of the platform is a global network of host-based detection sensors driven by world-class cyber threat intelligence to provide real-time detection and prevention capabilities to governments and enterprises worldwide. The platform deploys a single lightweight sensor on the user machine, with the processing work happening in the cloud. Productivity is not impacted, deployment is fast, and updates are automatic without administration overhead.
CrowdStrike’s next-generation anti-virus incorporates AI/ML techniques and leverages big data and threat intelligence at scale. This first ‘blocking’ step is backed up by granular visibility that allows monitoring and blocking of attacks at any stage of the adversary’s movement. The final layer is a team of experts proactively hunting threats in customer environments. These are the key components that differentiate CrowdStrike, and that’s why CrowdStrike leads the Gartner Magic Quadrant for Endpoint Protection Platforms, as well as Gartner’s Peer Insights Customers’ Choice, and is a Leader in the Forrester Wave for Endpoint Security Suites.
For more information on CrowdStrike’s security solutions for education, visit www.crowdstrike.com.