Edition 227 - March 2020

Cyber threats in higher education

The latest wave of cyberattacks at universities in Europe is raising a question of how higher education institutions can work collectively to fend off such threats in the future. In the past few months alone several universities in the Netherlands, Germany and Belgium have been victims to cyberattacks, the latest being ULB (Université Libre de Bruxelles) in late February. While the investigation is underway to identify the perpetrators and in case of ULB, no payoff was demanded, last December the University of Maastricht had to pay high ransom to the hackers, who “took control of servers critical to email and the storage of research results, initially using phishing emails to break in”, as reported by the Times Higher Education.

Single universities are seen as an easy target since their systems host high numbers of students using their own devices and of researchers openly sharing information, in addition to a lack of state-of-the-art technological infrastructures and often scarce resources to upgrade security systems, which makes them particularly fragile when faced with highly sophisticated cyberattacks. Access to highly sensitive data puts both university staff and students at danger knowing that criminals likely use the hacked data to sell them on the black market.

Faced with the same challenge, the universities in the US and Canada are already creating joint security centres in a collective effort to build more resilient systems and ensure faster response time to potential threats. Australian institutions have done the same with the government’s support. If the trend of cyberattacks to higher education institutions continues, as suspected, the universities in Europe may need to follow suit in joining forces in order to protect their staff, students and research results. The University of Maastricht has published a report in English summarising the findings of the attack and sharing some lessons learnt.

THE

The Brussels Times

Le Soir

University of Maastricht website (with the report on the attack in English)

(back to newsletter)