Educational Institutions become a prime target for cybercriminals as the new academic year commences

Young University Professor Explaining the Importance of Artificial Intelligence to a Group of Diverse Students in a Dark Auditorium. Female Teacher Showing Big Data Ecosystem on Two Big Screens
(Image credit: Shutterstock / Gorodenkoff)

Cybercriminals have no limits when it comes to the scale, size, and organization they target. As long as there is data to be stolen, they will launch an attack.

Historically, these cybercriminals focused on large brands with valuable data; however, these companies often have the resources to invest in advanced firewalls and robust security measures to protect their information.

Consequently, cybercriminals are now shifting their focus to easier targets, such as educational institutions.

Why are educational institutions are prime targets?

According to a recent report by NordLayer, cyberattacks targeting educational institutions have increased by 37% compared to last year.

This alarming statistic shows the growing vulnerability of schools, colleges, and universities in the face of evolving cyber threats. Following best practices for security, such as using unique and strong passwords, should now be a priority for all members of the academic community.

The academic sector is particularly appealing to cybercriminals for several reasons. Schools and universities manage vast amounts of sensitive information, including personal data of students and faculty, financial records, and valuable research data. The rise of online learning has only added to the complexity of managing cybersecurity, introducing more infrastructure, software platforms, and endpoints that can be exploited.

Furthermore, educational institutions often struggle with limited budgets and inadequate cybersecurity measures, making it challenging to protect against sophisticated cyber threats. Both lower and higher education institutions have been frequent targets of ransomware, with 80% of lower education providers and 79% of higher education institutions reportedly falling victim to attacks, causing significant disruptions to academic operations and potentially leading to long-term damage to an institution’s reputation.

Beyond the financial impact, data breaches can lead to identity theft, reputational damage, and legal consequences for educational institutions. Protecting sensitive information is not only about safeguarding financial assets but also about maintaining trust and integrity in the academic community. Unfortunately, cyberattacks in the education sector continue to increase. In fact, it currently surpasses other high-risk sectors such as government, healthcare, and finance this year.

A UK government survey found that 86% of further education colleges reported experiencing a cyber breach or attack in the past year.

To combat the growing threat of cyberattacks, educational institutions must adopt a proactive approach to cybersecurity. Regular updates to software and systems are essential to protect against known vulnerabilities. Training staff and students on recognizing phishing attempts and other social engineering tactics can reduce the risk of human error leading to a breach.

Educational institutions should also invest strategically in cybersecurity infrastructure, such as firewalls, intrusion detection systems, and encryption technologies. Furthermore, conducting regular assessments of current cybersecurity measures can help identify weaknesses and areas for improvement.

“Educational institutions need to prioritize cybersecurity, implementing measures that foster a culture of digital awareness among students and staff,” says Andrius Buinovskis, head of product at NordLayer.

“The stakes are especially high at the start of the new academic year, for educational organizations and they need to be prepared for cyberattacks…Every member of the academic community — from students to teachers, must play an active role in cybersecurity. Simple yet effective practices like using strong, unique passwords and learning to identify phishing attempts, can significantly improve an institution's security posture," Buinovskis concluded.

More from TechRadar Pro

Efosa Udinmwen
Freelance Journalist

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking. Efosa developed a keen interest in technology policy, specifically exploring the intersection of privacy, security, and politics. His research delves into how technological advancements influence regulatory frameworks and societal norms, particularly concerning data protection and cybersecurity. Upon joining TechRadar Pro, in addition to privacy and technology policy, he is also focused on B2B security products. Efosa can be contacted at this email: udinmwenefosa@gmail.com