Cybersecurity has never been more important to Australian tertiary education businesses.

With exponential growth in remote work and online learning accelerated by digital transformation and Covid-19, providers in vocational, international and higher education have all been forced to confront old and emerging cybersecurity threats at a time when the focus is on business survival.

What type of threats should educators be aware of? Here are 5 worth nothing right now.

1. Phishing (and social engineering)

Phishing (and social engineering) attacks are the perennial list-topper of cybersecurity threats.

Occurring when cybercriminals dupe someone into opening emails, instant messages or text messages to gain access to sensitive information like login details, credit card numbers or computers, they have become more sophisticated in style and method and harder to detect.

For example, spear-phishing attackers now target high value targets in organisations. Others mastermind social media account takeovers or clone accounts to engineer access to existing relationship networks, using those to obtain valuable information under false pretenses.

2. Ransomware 

Ransomware is another regular in lists of cybersecurity threats - and with good reason.

Ransomware attackers encrypt files on a computer or network and then demand a ransom for their release. From small education businesses to large institutions, ransomware can be a significant risk - for example, student data in on-premise services could be encrypted and held hostage for money.

There has also been a rise in double extortion attacks, where ransomware attackers steal data as well as encrypting it. If the business does not pay the ransom, this information can then be made public or sold off, leading to a data breach that can effect education brand, students or staff.

3. Remote vulnerabilities during Covid-19

Have you heard of a Zoom bombing?

No, this isn’t when your computer self-destructs five seconds after you log in to a Zoom meeting. It’s when an uninvited person finds a Zoom link to an upcoming meeting and then gains access as one of the guests, sometimes sabotaging the meeting by sharing things like pornography.

While this can be somewhat harmless, other vulnerabilities have surfaced with more remote work.

This includes cybercriminals exploiting poor password security on an explosion of virtual private networks (VPNs) to gain access to business networks, and ‘thread hijacking’, where a hacker gains access to an email account and responds to an email thread with malicious attachments or links.

With many employees using computers and devices not protected by the primary cyber defences of a business, attackers are likely to continue to target these remote working related vulnerabilities and have more success with workers who are more often at home without back-up IT support.

4. Cloud security

Is the cloud secure?

It’s one of the top questions we face as a cloud SaaS provider. Though the cloud has been around now for a long, long time, customers still have concerns about whether their data is safe when it’s not under lock and key in a humming server room somewhere down the hall of their own office.

Fortunately, IT intelligence firm Gartner has an answer. The cloud is secure – if used the right way.

Cloud security continues to rely on robust practices from the cloud user. While a public cloud vendor might have leading edge security (ReadyTech is certified against the global ISO 27001 Information Security Management Standard), a customer still needs to safeguard security on their end.

This includes everything from guarding against phishing and social engineering attacks against their own employees (yes, there phishing is again) to good password management and preventing accidental sharing of confidential data by employees. Education, people and processes count.

Gartner says if IT professionals were to change the question from ‘Is the cloud secure?’ to ‘Am I using the cloud securely?’ they would eliminate almost all their concerns around cloud. It estimates that through to 2025, 99% of cloud security failures are likely to be the customer’s fault.

 5. Identity management

Identity management is a challenge for the education sector. Larger providers like TAFEs or private higher educators often have many systems to manage and can open themselves up to more risk when they expect students to manage multiple credentials across different technologies.

The answer to this (and something the cloud does very well) is best practice identity management using Single Sign On (SSO) with Multi-Factor Authentication (MFA). When educators expect students to self-service across multiple systems, consolidating identity management with SSO is crucial.

When implemented alongside MFA, which requires a student to use two forms of proof (like another device or account) to confirm their identity, as well as student education around good password hygiene, educators can guard against identity management risks for them and students.