Everybody is talking about the need to train more cybersecurity specialists and invest heavily in research and development related to cryptography, machine learning and AI, all necessary ingredients in cutting-edge cybersecurity systems. Academia is destined to play a crucial role in this effort, both in training the next generation of scientists and cybersecurity professionals, and in developing new technologies to fight cyber crime.
Israel’s Ben-Gurion University and Germany’s Fraunhofer Institute, for example, are renowned both for their theoretical research and for spinning off (or incubating) cybersecurity startups to commercialize such technologies.
But a lesser-known fact is that academia is also a very lucrative target for cyber criminals, nation-state hackers and cyberpunks. More than 1,150 intrusions into UK university networks were recorded in 2016-17, and universities all around the world are experiencing similar attacks. But why are academic institutions being targeted, and by whom?
The Academic Security Catch
Universities are large, IT-heavy organizations housing tens of thousands of employees, students and contractors, most of whom require some access to their networks. Universities also hold an array of information that is of interest to hackers, such as personal information on employees and students, including payment details, bank accounts, personally identifiable information (PII), academic scores and more. These institutions handle large sums of money as well, including admission fees, payroll, R&D, and ongoing budget.
Most importantly, universities have intellectual property, the holy grail of every nation-state hacker. Former NSA chief Gen. Keith Alexander famously stated that cybercrime constitutes the “greatest transfer of wealth in history.” Although he was referring to Chinese state-sponsored hackers stealing the trade and IP secrets of US corporations, the statement is equally relevant for academic research, which is often closely linked to the defense, high-tech and semiconductor industries.
In addition to IP theft, universities are easy prey for fraudsters and ransomware. Handling large amounts of data and funds, they are often scammed by phishing and business email compromise (BEC) schemes. And because universities have large staffs processing massive amounts of internal and external communication (mostly via email), they often fall prey to ransomware, crippling their IT systems and requiring them to use expensive backup and recovery services.
They are also vulnerable to DDoS attacks, which can seriously impair their ability to conduct academic research and communicate with employees and students. Some universities also require the use of an internal email system and IT systems for taking exams and submitting research papers, a capability that would be seriously impaired by a DDoS attack.
Plus, the universities themselves are not the only victims of cybercrime; their students, young and generally less aware of cyber threats, are also prime targets for cyber theft, identity theft and fraud schemes.
Are Universities Really that Different than Other Organizations?
Most of the factors mentioned above are actually true for any medium or large organization in the western world. But there are some peculiarities of the academic world that set universities apart, and not in a good way: