• Subscribe

Attack on knowledge

Speed read
  • Cybersecurity is important for every industry, but academia is often overlooked
  • Like other sectors, attacks on academic organizations are financially motivated
  • Educational environments have wider attack vectors

Whether it’s the 3 billion users affected by the 2013-2014 Yahoo attack or Russian hackers gathering political information, cybersecurity is frequently in the news. While most stories focus on consumer, corporate, or government breaches, there’s one area that’s often overlooked.

Attacks directed at higher-education and research institutions aren’t as common as those meant for retail and healthcare, but they do happen. What’s more, comparing academic and corporate breaches can teach us a lot about how cybercriminals think and what they really want. 

It’s all about the money

<strong>Identity mine.</strong> Hackers are attracted by the millions of student ID and health records held in university computer systems. Courtesy Element 5.The majority of hackers are motivated by cold, hard cash. According to the Verizon 2018 Data Breach Investigations Report (DBIR), 76% of breaches across all industries were financially motivated. Kim Milford, executive director of the Research Education Networking Information Sharing & Analysis Center (REN-ISAC) at Indiana University, agrees that this is the biggest issue facing academic cybersecurity.

“Academic breaches are almost always financial,” Milford says. “If it’s research, they’re looking for intellectual property. And health records are the biggest market right now for identity theft.”

To make matters worse, cleaning up the mess after an academic breach isn’t easy. According to Milford, it can take months before a breach is detected. This isn’t specific to the academic sector, as Verizon’s DBIR reports that 68% of breaches took “months or longer” to be discovered. This gives a hacker ample time to get what she needs and cover her tracks before anyone notices.

<strong>Not just for the pros.</strong> Public education like this anti-phishing campaign from Indiana University attempts to ensure that all members of a campus community contribute to keeping computing resources secure. Courtesy Vince Cannon.Investigating a breach and restoring a secure environment isn’t cheap, but academic institutions can have a hard time tracking exact numbers. Milford explains that there are two major reasons for this.

“First, a lot of these costs are hidden costs until an incident happens, and then you’re putting out fires as quickly as you can,” Milford says. “Secondly, the responsibility for prevention or protection is spread out so broadly in any large organization. Everyone has to take responsibility for it. So, how does the university know that I’m taking the time to protect my credentials?”

Unique environment

Although much of the threat landscape is similar to that affecting major corporations, cybersecurity is handled differently at the academic level. The most prevalant vulnerability is one of the most important assets of education: easily-accessible information.

“The biggest difference is that we in academic and university settings have more end-points visible to the outside world,” says Milford. “So whereas a private corporation might have a fairly rigid firewall with very few public IP addresses and very few exposures to the public internet, we don't do business that way.”

<strong>Get rich quick.</strong> University supercomputers, like this one at the San Diego Supercomputer Center, are tempting targets for hackers who want to use their high-performance capabilities to mine cryptocurrencies.“For instance, the geology department can't just use a central university website. They need their own website. Their work is independent, they probably have actual research going on external to their website, or to the university website. So they need to maintain that external presence.”

University cybersecurity professionals have one more unique attack vector to consider: supercomputers. Hackers  want access to these high-performance machines to mine cryptocurrency.

While some private companies do own supercomputers, cryptocurrency hacking generally involves academic or high-end research computers. One Harvard student used the school’s Odyssey supercomputer to mine Dogecoin, while Russian engineers at the Federal Nuclear Center in Sarov were caught mining bitcoin with the physics research organization’s machine.

Academic institutions possess a goldmine of computing resources and data. And they have a responsibility to their students, staff, and their legacy to uphold rigorous standards of information security.

Understanding more today than we did yesterday is mankind’s greatest mission, and an attack on a university is an attack on the pursuit of knowledge. Challenges will continue to arise, but cybersecurity professionals at institutions of higher education are fighting back to secure our knowledge resources and protect the future of discovery and learning.   

Read more:

Join the conversation

Do you have story ideas or something to contribute? Let us know!

Copyright © 2021 Science Node ™  |  Privacy Notice  |  Sitemap

Disclaimer: While Science Node ™ does its best to provide complete and up-to-date information, it does not warrant that the information is error-free and disclaims all liability with respect to results from the use of the information.


We encourage you to republish this article online and in print, it’s free under our creative commons attribution license, but please follow some simple guidelines:
  1. You have to credit our authors.
  2. You have to credit ScienceNode.org — where possible include our logo with a link back to the original article.
  3. You can simply run the first few lines of the article and then add: “Read the full article on ScienceNode.org” containing a link back to the original article.
  4. The easiest way to get the article on your site is to embed the code below.