Personal records in higher education networks continue to attract the attention of hackers.

May 23 2014

Colleges Remain Big-Game Targets for Hackers

Personal records in higher education networks continue to attract the attention of hackers.

The digital thievery of hackers rarely resembles a big bank heist.

With the prevalence of personal information being traded among websites daily, hackers are beginning to focus on some unconventional targets, and higher education continues to find itself in the crosshairs

Colleges have consistently been a prime target for hackers. In 2013, the University of Wisconsin sustained up to 100,000 hacking attempts each day, according to The New York Times. And research released May 20 by the EDUCAUSE Higher Education Information Security Council shows that the education sector topped the charts in a survey of security breaches across seven industries.

The survey analyzed digital security breaches in which records were illegally obtained. In the education sector, 73 percent of breaches resulted in stolen records.

The silver lining in this data is that, among the industries surveyed, fewer records were stolen in education breaches than in any other sector. Business and financial institutions sustained the most stolen records, according to the data.

Which levels of higher education are attacked the most?

  • 63% Doctoral
  • 21% Master's
  • 10% Associate's
  • 6% Bachelor's

SOURCE: "Data Breaches in Higher Education (EDUCAUSE, May 20, 2014)

The EDUCAUSE survey suggests that higher education institutions are often singled out for having a large number of breaches, but that may be a reflection of the culture of transparency fostered by education.

Colleges may be more forthcoming than businesses when it comes to reporting the number of breaches they experience, according to EDUCAUSE: "This culture does not exist in other industry sectors, where breach reporting could damage an organization’s ability to be competitive in that industry."

Most breaches (36 percent) were the result of hacking, just ahead of “unintended disclosure” (30 percent), which is when sensitive information is inadvertently posted publicly, mishandled or sent to the wrong party.

With colleges and other venues embracing the Internet of Everything, the stakes are raised for protecting personal data, as hackers are always searching for the next security weakness.

A survey from Trend Micro titled “Cybercrime Hits the Unexpected” found that hackers are beginning to target more unconventional weaknesses; for instance, by covertly installing malware on retail outlet servers. In 2013, more than 40 million credit and debit card numbers were stolen from Target customers using this method, according to Bloomberg Businessweek.

According to Trend Micro, "Attackers are squarely focused on following the money wherever it might be."

The report also cited new security weaknesses on computers still using Windows XP, a platform that Microsoft stopped supporting on April 8. XP was the most popular operating system across the world for several years, so it’s no surprise that it’s still being used at some schools and colleges across the country. Trend Micro expects that “Windows XP users will get left behind with older and vulnerable versions of the browser [Internet Explorer].”

(If you haven’t made the switch to Windows 7 or 8 yet, here are a few helpful tools to ease the transition.)

Online security evolves as breaches occur. So how can college IT departments keep up with this ever-changing landscape? Let us know your thoughts in the comments.

<p><a href=";family=Creative" id="photographer" style="box-sizing: border-box; font-size: 11px; color: #00aaff; -webkit-tap-highlight-color: #00aaff; font-family: Arial, sans-serif; line-

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT