When thinking about industries that cybercriminals might target, tertiary education probably doesn’t come to mind. The latest edition of Microsoft’s Cyber Signals report, however, shows that education was the third most targeted industry in the second quarter of this year.
The mix of valuable data and inherent vulnerabilities in education systems has caught the eye of various attackers—from those using new malware techniques to nation-state actors involved in traditional espionage.
This is a particular concern for tertiary institutions in Africa, which is one of the most targeted regions in the world when it comes to cyberattacks. A recent study of 60 Kenyan universities showed that most were experiencing hacks, while also battling a lack of adequate cybersecurity policies and controls, including organisational, human, physical and technological resources.
Just last year a prominent Moroccan institution of higher learning was hit by a security breach of its master’s degree nomination platform, while a private university in Nigeria had its website completely overtaken by hackers.
It’s clear that the education industry’s vulnerabilities haven’t gone unnoticed by cybercriminals. According to the Cyber Signals report, in the past year alone, more than 15,000 emails with malicious QR codes were sent daily to the sector using Microsoft Office 365 email. This highlights just how targeted and persistent these threats have become.
There are several reasons why hackers often target the education sector. Unlike typical enterprises, universities have a diverse group of users—students, faculty, administration staff, and others. The open and dynamic nature of university environments, with frequent activities and international students, makes them particularly vulnerable to cyberattacks.
Email systems in schools offer wide spaces for compromise. This naturally open environment means universities are often more relaxed about email security. With a lot of emails creating noise in the system, institutions are limited in how they can place controls because they need to stay accessible for alumni, donors, and external collaborations.
Virtual and remote learning have also extended educational applications into homes and offices. Personal and shared devices, which are often unmanaged, are everywhere. Students, not always savvy about cybersecurity, might unknowingly expose their devices to risks.
Legacy infrastructure also leaves school systems vulnerable. The tertiary education sector often faces well-known funding and operational challenges. This means that cutting-edge digital classrooms have to operate alongside older applications and other IT assets.
Managing and safeguarding these varied systems is tough, especially when it’s hard to keep cybersecurity experts on staff. This combination leaves school systems more vulnerable to attacks.
Cybercriminals know that schools handle sensitive, regulated information and must stay open and accessible, making them targets for ransomware and extortion. Universities are hubs for valuable intellectual property and cutting-edge research, often in collaboration with government agencies. This makes them attractive to attackers looking to steal or leverage sensitive data.
Strengthening security measures can be a daunting and expensive task for schools, but there are steps they can take to protect themselves.
Having a clear understanding of the threat environment is an essential place to start. For IT and security pros in education, starting with the basics and beefing up security is a good move
The writer is Country General Manager, Microsoft Kenya
