by Lee Carass
The UK’s higher education sector is one of the country’s most prized assets. Its universities are among the world’s leading academic institutions and also play a major role in creating the skills, research and IP needed to drive the economy forward. But as major hubs of people and sensitive data, universities also represent a major target for attackers.
Whether they’re aimed at causing damaging ransomware-related outages, tricking finance teams into wiring funds abroad, stealing staff and student data, or lifting sensitive research, these cyber-threats represent a serious financial and reputational risk to the sector. In a new era of COVID-19, where many universities will be expecting significantly reduced student numbers and income, there’s more pressure than ever to keep such threats at bay.
Threats are everywhere
Universities are a target for commodity ransomware and similar attacks, more targeted financially motivated cybercrime and, most difficult to repel, nation state data theft. There are multiple challenges to protecting key IT systems and data, such as:
Shadow IT: Staff and students use their own devices and research equipment to connect to university networks and cloud resources, creating IT blind spots which could result in malware infection.
Phishing: Social engineering remains a number one threat for any organisation. But in university websites and social media accounts hackers have a great source of information on staff and students with which to craft phishing emails. Education must go hand-in-hand with stronger technical controls to spot such attacks.
Network design: Many universities have faculties with private networks that may be more exposed to hacking attempts, because the research they’re meant to support requires less restrictive security. There may not even be a trained network specialist on hand. Bad practice tends to continue uninterrupted.
Alert fatigue: Like any organisations today, universities have trouble hiring enough skilled security professionals. This can cause problems for those on the front line tasked with responding to breaking threats. Knowing which SOC alerts to take action on and investigate can be hugely challenging, especially given the siloed nature of the products that may be feeding into SIEM platforms.
How Trend Micro can help
Fortunately, Trend Micro has been working with universities for years and today offers a comprehensive range of solutions designed to protect mission-critical IT systems, world-leading research and staff and student data. These include:
Cloud App Security for protection integrated neatly into Office 365, Gmail and other cloud services.
Cloud One for powerful threat defence in AWS, Microsoft Azure, VMware and Google Cloud environments. This includes Cloud One – Conformity, which is designed to provide real-time visibility into environments to reduce compliance issues and misconfigurations.
Network security via Deep Discovery and TippingPoint solutions, to defend against unknown threats and block lateral movement and Cloud One – Network Security for automated protection of virtual private clouds (VPCs) and cloud networks.
To find out more about the unique challenges facing UK universities and how Trend Micro can help mitigate threats in a new era of COVID, read our new report.