The academic sector faces a variety of security risks, ranging from physical threats to cyber adversaries targeting student data and personally identifiable information. It continues to be one of the most highly targeted sectors from a cybersecurity perspective. In 2022, CrowdStrike, a global leader in cyber threat intelligence, observed the sector facing a number of targeted threats – such as ransomware and activities exploiting IT user identities – which caused a number of institutions significant disruption including mission critical systems being taken offline and cases where attackers used stolen user credentials (eg user names & passwords) to log into an institution’s systems to steal data with intent to monetise.
CrowdStrike categorises adversaries into three main groups: nation state actors; eCrime; and Hacktivists. In the education community, CrowdStrike has seen substantial eCrime activity as well as nation state operations, including those associated with China, the Democratic People’s Republic of Korea (DPRK) and Russia. Nation state actors tend to have geopolitical or financial motives and their methods involve disruption or espionage whereas eCrime actors are motivated by financial gain and tend to conduct data theft, extortion or fraud to achieve their mission.