Jul 11 2023

Why Higher Ed Institutions Should Be Concerned About Rising Malware Attacks

Find out what’s driving the increase in incidents and what IT teams can do to protect their networks.

When it comes to cybersecurity, it’s a bit of a good news/bad news situation for higher education institutions.

The good news is that ransomware attacks — long a menace to college and university IT departments — dipped slightly overall last year, according to the 2023 SonicWall Cyber Threat Report.

The bad news? Malware attacks are on the rise, with colleges and universities increasingly targeted by malicious actors.

What’s Driving the Malware Increase in Higher Education?

According to Joe Potchanant, director of the cybersecurity and privacy program at EDUCAUSE, money is the motive for most attackers.

“Financial gain is the main motivation in attacks that we’ve seen over the past several years,” Potchanant says. “If those writing malware or even those using Malware as a Service see a financial incentive, they will plan an attack.”

Click the banner below to learn about device lifecycle management solutions.

He also notes that in recent years, attacks focused on compromising business email and attacks via software or hardware vulnerabilities have outpaced malware. Meanwhile, recent advancements in tools such as generative AI have made it easier for attackers to write code. As a result, malicious actors can put in minimal effort and still see success.

And while colleges and universities don’t offer the same potential financial windfalls as targets such as banks, law firms or healthcare organizations, they often lack the IT and cybersecurity budgets to create an effective defense against malware efforts.

DIVE DEEPER: How to detect and respond to bot attacks in higher education.

How Do Attackers Gain Access to Higher Ed Networks?

As noted above, one common method of attack is to use existing vulnerabilities, either known or unknown. In the case of a known vulnerability, a higher ed IT department may simply lack the time and resources to patch the problem, especially if doing so could result in potential system downtime. When it comes to unknown or zero-day exploits, meanwhile, institutions may find themselves under threat with little to no warning.

Despite these risks, however, Potchanant makes it clear that people remain the most likely path to compromise.

“Data from EDUCAUSE and the industry, such as the Verizon Data Breach Investigations Report, show that the majority of compromises occur due to a ‘human element,’” he says. “This is most likely done by social engineering with phishing or website redirects that mimic a legitimate website, which allows attackers to pass the credentials to the legitimate site and steal the password when the user enters their credential. The user is none the wiser because they were able to access exactly what they thought they were trying to access.”

LEARN MORE: How to optimize device management in higher education.

Using What You’ve Got: How Higher Ed Can Fight Back

While rising attacks are worrisome for post-secondary schools — a recent EDUCAUSE article notes that cybersecurity attacks are becoming more sophisticated — schools have a built-in defense against these attacks: education.

“As cybersecurity attacks become more sophisticated, user education must try to keep pace,” Potchanant says. “Removing the stigma or embarrassment from reporting a phishing attack to your IT or cybersecurity department is crucial to gaining trust with your user community.”

By giving students and instructors the tools and training they need to identify and report attacks, and by ensuring that they’re encouraged to report these attacks whenever possible, colleges and universities can reduce the risk of attacks that make their way undetected through their networks.

Potchanant also notes that while user training is important, “those of us in IT and cybersecurity cannot expect every user to be an expert.”

As a result, schools must also deploy solutions capable of automatic URL scanning for embedded email links and use tools such as multifactor authentication that make it more difficult for attackers to gain access.

“It’s like having two separate keys to a safe,” Potchanant says. “The chances of a bad actor gaining access to both keys is lower than just one.”

The bottom line? Malware in higher education is growing. With an education-focused approach, however, IT teams can reduce their total risk.

xavierarnau/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.