As with many other areas of society, the pandemic hasn’t changed threats to cybersecurity in higher ed but has amplified those that already exist, say experts.
Phishing attempts are up as hackers try to take advantage of the uncertainty pervading campuses and confusion about things such as testing. As more classes have gone hybrid or online, Zoom bombers and the like are back at it trying to disrupt video sessions. Perhaps most significantly, campus research institutions are seeing an uptick in attacks from groups associated with nation states as they try to steal data about coronavirus vaccine trials and other COVID-19 research.
The Threat: Phishing scams
“What we're seeing more of right now are people taking advantage of a lot of the disasters or worries that are out there,” says Sandy Silk, director of IT security education and consulting at Harvard University.
Emails about free coronavirus testing or time-off policies can be easy to fake. “We have a lot of information coming to us in email and other ways, too,” says Silk. “And we're exhausted from everything spinning. So even the best of us are probably apt to click on something just without thinking.”
How to guard against it
“I'm hoping that most schools are encouraging two-factor authentication wherever they can,” Silk says.
With two-factor verification, a hacker won’t be able to access your accounts even if they’re able to steal your password. Some learning management systems, such as Google Classroom, have this capability built-in, and Silk urges faculty members to encourage students to use it.
She adds faculty should store data on their university systems, which are vetted by their IT teams and updated constantly.
The Threat: Attacks from nation states
“Our number one concern right now has been attacks from nation states specifically focused on Covid-19 research,” says Curtis A. Carver Jr., vice president and chief information officer at The University of Alabama at Birmingham. “We're definitely seeing a lot of activity, as people are trying to break in and they're targeting those researchers, trying to get into those particular systems.”
At UAB researchers are studying a potential coronavirus vaccine. In July security officials in the U.S., United Kingdom, and Canada warned that a hacking group associated with Russia was targeting institutions associated with coronavirus research.
Carver says that while similar attacks occurred in past years, incidents have intensified since the pandemic began. “These are very sophisticated attacks and it's probably every single week the FBI is reaching out to me,” Carver says.
How to guard against it:
UAB has an extensive Defense in Depth security system that researchers are required to store data behind, and which so far they believe has fended off attacks.
“It's always hard to determine whether you're successful or not; it appears that we're being successful,” Carver says. “We have communicated with our research community that they are under attack and to follow the appropriate protocols.”
It’s also a reminder for all researchers and faculty to store any sensitive data on the universities’ approved systems, as you never know who might be trying to hack into the system and how sophisticated an attack may be.
The Threat: Zoom bombing
While Zoom has become the most prominent video conferencing tool, Silk says other communication platforms are also vulnerable to Zoom bombing if not protected.
“If you are just using the same personal room all the time without any passcode, as soon as that gets posted anywhere public, it's not secret,” Silk says. “Once it's posted publicly and shared, if you've never changed it, anyone can tune in at any time to something in your Zoom, WebEx, Microsoft Teams, whatever it may be.”
Hackers can even find links to video conferences that have never been posted. “There are tools that will go out and look for those potential combinations of letters and numbers that will give you a real Zoom conference,” she says.
How to guard against it:
Setting up your video meetings with your learning management systems will put them behind the two-factor authentication system your institution hopefully has in place, Silk says. In addition, passwords and waiting rooms should be used, and the host needs to be aware of capabilities. “How do I kick people out? How do I lock the meeting once everybody's there, so no one else comes in?” Silk says. She adds, these are important tools for hosts to familiarize themselves with.