Higher Education’s Lessons on Cybersecurity

DDoS Attacks Invasion of Business Data

Higher Education
Jamal Bethea

As my colleague discussed back in September, one of the widest ranging threats to an educational institution’s Information infrastructure today are Distributed Denial of Service (DDoS) attacks - specifically, DDoS as a smoke screen as a diversion tactic for the invasion and exfiltration of business data.

In a recent published in University Business, it was found that since 2005, higher education institutions have witnessed more than 500 breaches that have resulted in 13 million records stolen –the highest number of breaches of any industry sector - and it is a trend that’s continuing to grow.

Also reported in the article was a recent attack at the University of Maryland where the records of more than 300,000 people affiliated with the university were compromised. In Wisconsin, it was reported that one university was the target of between 90,000 to 100, 000 breach attempts per day by a nation-state.

Why are attackers targeting higher education institutions?

These institutions hold the personal information of employees and alumni dating back years, including birth dates, identification numbers and Social Security numbers. But even more valuable is the intellectual property universities store on their networks. Research universities are doing cutting edge work in a variety of sectors, from science and drug development to robotics and everything in between.

The need for collaboration and the free flow of information – the foundation of higher education - makes network security a tremendous challenge. Institutions have the daunting task of securing multiple open-networks used by different departments, off-campus facilities, students, faculty and staff.

The Impact

Educational institutions can be subject to fines, class action lawsuits and remediation costs in the aftermath of a successful cyberattack. Many times institutions are required to pay for forensic examinations, information call centers, and even free credit and identity monitoring to those affected. The 2015 Cost of Data Breach Study conducted by Ponemon Institute found that the average consolidated total cost of a data breach increased 15 percent in the last year to $3.5 million.

The Solution

It is clear that these attacks will continue so security needs to be at forefront of an institutions’ overall business plan. In the end, a comprehensive multilayer DDoS defense solution that can protect network availability, it can help prevent data breaches as well by blocking outbound activity from compromised hosts.

It’s time higher education institutions stop being schooled on the importance of cybersecurity solutions. To see the value for yourself, take a look how Arbor helped a group of state and regional educational organizations after they experienced a series of DDoS attacks.