Universities ‘need joint security teams to counter cyber threat’

Universities in the Netherlands, Germany and Belgium have all suffered recent attacks, prompting calls for institutions to join forces

March 10, 2020
Source: Getty
Advanced North American universities are pioneering collective cybersecurity

Universities must create joint cybersecurity teams to protect themselves against ever more sophisticated hacking attempts, according to the vice-president of a Dutch university hit by a ransomware attack over Christmas that forced the institution to pay the equivalent of about £175,000 to criminals.

Maastricht University’s Nick Bos said one of the lessons of the attack was that it was increasingly untenable for universities to each rely on their own security systems.

On Christmas Eve last year, Maastricht raised the alarm after hackers took control of servers critical to email and the storage of research results, initially using phishing emails to break in. It took more than a month to restore all systems – and the payment of 30 bitcoin to the attackers.

In a report looking at what went wrong and how to stop future attacks, Dr Bos called on universities to join up their security systems, pointing to collaborations already under way in Canada and the US.

“It’s not just a question of whether universities can afford it,” he told Times Higher Education. “There is not much choice here; we will have to invest in greater cyber resilience.”

Since the Maastricht attack, Dutch universities have stepped up joint efforts, he said, discussing whether they could collectively monitor their IT networks around the clock, for example. Meanwhile, Dutch healthcare institutions are already setting up their own security operations centre.

There are concerns that universities make relatively soft targets for cyber-attackers, because they host thousands of students using their own laptops, and researchers used to the open sharing of information.

The Maastricht attack was just one of several to hit European institutions in recent months. Last December, thousands of students at Justus Liebig University Giessen had to queue up to receive new passwords manually after a cyber attack. In October, the University of Antwerp’s email and student information systems were affected in a separate incident.

“There is a real race, even battle, going on with internationally operating cyber-criminal organisations,” said Dr Bos, who predicted that universities would have to make “substantial extra investments” in cybersecurity.

Dr Bos pointed to North America, where a number of universities are pioneering collective cybersecurity.

In 2018, Indiana, Northwestern, Purdue and Rutgers universities and the University of Nebraska formed OmniSOC, a joint cyber security centre, arguing that individual university systems were not enough to fend off mounting attacks.

The idea is that the centre can monitor all university networks at once for suspicious activity, thereby detecting an attack more rapidly. The joint centre claims to be the first of its kind.

Six Canadian universities are also trialling a joint security centre explicitly modelled on OmniSOC. In 2018, McGill, McMaster and Ryerson universities, along with the universities of Alberta, British Columbia and Toronto, formed CanSSOC in response to an “unprecedented” increase in the scale and complexity of threats.

“As a result, the associated scope and costs of successful early prevention, detection and mitigation are unsustainable by one single institution,” the group warned.

david.matthews@timeshighereducation.com

POSTSCRIPT:

Print headline: ‘Joint cyber task forces needed’ to combat attacks

Register to continue

Why register?

  • Registration is free and only takes a moment
  • Once registered, you can read 3 articles a month
  • Sign up for our newsletter
Register
Please Login or Register to read this article.

Related articles

Reader's comments (2)

Could we apply the same logic to heavy speeding fines on motorists here. You speed at 50 in a 30 zone, the odds are nothing will happen, but 1in 100,000 times you kill someone, so we have penalties, fines, even banning, for what seems a trivial victimless offence. With hackers, they get away with it 99,999 times in 100,000 so there is a strong incentive to try an attack. So for any hacking, have truly draconian penalties, like 10 years prison, then far fewer people would dare try it despite the low odds of being caught. And make cryptocoin providers like Bitcoin have a backup register that - with a suitable court order - the Govt can access, and trace who was paid what by whom - at some point Bitcoin has to be converted into real currency and that is where we could catch the hackers.
No mention of operating systems again.

Sponsored