REGION — As cyber and ransomware attacks are on the rise against higher-learning institutions, North County colleges and universities say they are confident in their ability to withstand such intrusions.
According to Jacob Doiron, a cybersecurity researcher at San Diego State University, colleges make ideal targets for hackers for a whole host of reasons, chief among these being a lack of funding for cybersecurity at schools as well as the relative openness of college networks that allow tens of thousands of users to connect to systems at any given time.
“Criminals want to go after targets that have a balance of low security and a high need to pay the ransom quickly…universities have a need to get everything back online quickly, and university and college IT and security departments tend to be chronically underfunded,” Doiron said.
Doiron added that even well-funded college IT departments are at a significant disadvantage due to the open nature of a college network — it takes just one unwitting user clicking on a malicious link to give cybercriminals the foothold they need in the system.
“You have so many users at a college who may or may not be well trained when it comes to cybersecurity…it’s likely you can get a least one person to click on a phishing link just given scope and scale…there’s so much complexity to keeping the network protected every time, and the hackers only need to succeed once,” Doiron said.
Cyberattacks against higher-ed institutions have skyrocketed nationwide in the past couple of years, with the FBI issuing an advisory warning earlier this year. Between 2019 and 2020, the number of ransomware attacks on colleges around the world doubled, and cybercriminals’ average ransom demand tripled, according to intelligence reports by two cybersecurity firms.
Just over one year ago, Cal State San Marcos was the victim of a major cyberattack that threatened to compromise vast amounts of data kept in the school’s critical systems, according to Kevin Morningstar, the school’s Dean of Instructional & Information Technology Services.
While the attack was ultimately thwarted with the help of a third-party cybersecurity team, the incident heightened the importance of taking a proactive approach to ensuring the integrity of the university’s online systems, said Morningstar.
Since last year, CSUSM has deployed a multifaceted cybersecurity strategy to stop further intrusions, the dean said. One crucial element to this strategy has been the universal implementation of multi-factor authentication—an online mechanism whereby a user must provide two or more pieces of evidence to verify their identity before being granted system access.
Secondly, Morningstar said that security around the college’s most critical systems has been tightened and layered, with some administrative systems being so secure that a user has to be physically present on campus in a specific location to use them.
Third, the school’s systems are now segmented in such a way that even if, for instance, an administrator’s username and password credentials are stolen, the compromising of one system will not result in the entire network being similarly compromised.
This type of “network segmentation” is crucial in a successful proactive approach to cybersecurity, Doiron said.
If systems are not properly segmented, a single security breach in the network can allow hackers to “tunnel” from one system to another and potentially significantly increase the amount of damage done. For instance, a hacker with initial access just to the school’s learning management system could subsequently gain access to the college’s registrar system or the accounts payable system.
At Palomar College in Escondido, administrators have implemented a variety of added security measures in recent years, including network segmentation, multi-factor authentication, and increasing cybersecurity awareness among students, staff, and faculty, according to Mike Day, the school’s director of information services.
Day credited Palomar not having a major cyberattack in seven years to a recent concerted effort to bolster cybersecurity in a whole host of areas.
“We have a lot of tools in place here from Endpoint security to DLP (data loss prevention)…we’ve implemented robust system firewalls, email encryption, and a variety of threat monitoring tools in place…we have very robust rules when it comes to access to our systems,” Day said.
The awareness element of the school’s approach is crucial, as campus users who are educated about the dangers posed by hackers will be less likely to click on malicious links or be fooled by email scams, Doiron said.
“User education is a big one, just getting everyone to adopt that mentality that security is everyone’s responsibility…the weak link with cybersecurity is usually humans—a lack of knowledge, a lack of information, and a lack of training.”
At Palomar, a concerted effort by school officials to educate campus members on issues of cybersecurity seems to be paying off, Day said.
“More recently in just the last year, students and employees seem to be more aware about this stuff; when they get a suspicious email they report it and say this looks weird, is this for real…that’s because of our education campaign and communication,” he said.
Day expressed confidence in Palomar’s ability to withstand future cyberattacks while acknowledging the gravity of the threat posed by increasingly sophisticated hackers.
“We’re fairly confident but we just always have to be on the lookout,” Day said. “Folks are getting sophisticated these days with their attacks.”
Day also echoed Doiron’s point that IT departments at many colleges, including Palomar, are underfunded and understaffed, putting them at a disadvantage in the fight against hackers.
“They’ve [the cybercriminals] got a lot more resources than us, a lot more tools…and we’re a prime target because of the openness of our networks and the rich data that’s in our systems.”
