Universities Under Siege: Cyberattacks Surge on Education Sector
Educational institutions have increasingly become frequent targets of cyberattacks, facing thousands of incidents each week. According to Microsoft’s May “Cyber Signals” report, this sector ranked third in the number of attacks during the second quarter of 2024. On average, each major educational institution experiences at least one attack per week, with the global number of incidents continuing to rise, particularly in the United States and Europe.
Universities and research institutions encounter more serious threats than primary and secondary schools. In Europe, 43% of higher education institutions report attacks weekly, a figure significantly higher compared to schools serving younger age groups, where the rate fluctuates between 13% and 16%.
One reason for this vulnerability lies in the complex infrastructure of universities. These institutions combine the functions of financial, medical, housing, and even research centers. They handle vast amounts of personal data and possess potentially valuable scientific research, making them an appealing target for cybercriminals.
The vulnerability is exacerbated by the coexistence of modern and outdated technologies, along with a shortage of cybersecurity specialists. Furthermore, the Bring Your Own Device (BYOD) approach, where students and faculty use personal devices within university networks, amplifies the risk, as these devices can become vectors for cyber threats.
In recent years, some universities have begun establishing their own Security Operations Centers (SOCs) to more effectively counter cyberthreats. Oregon State University, among others, including the University of Cincinnati and California Polytechnic State University, have created their own SOCs. In Texas, the Department of Information Resources collaborates with local universities to safeguard both educational and governmental institutions.
Cyberattacks on universities underscore the urgent need for enhanced data protection and the modernization of security systems. Without updated measures and sufficient resources, educational institutions risk finding themselves on the front lines of the battle against cyber threats, where each day could prove decisive.
