Cyber threats against universities are increasing in frequency and sophistication. Cybercriminals are increasingly targeting colleges and universities to gain access to sensitive assets and carry out attacks that affect the confidentiality, integrity, and availability of their information at various levels of complexity.
A persistent challenge for these institutions is the allocation of adequate budget and resources to find a balance between asset management and proactive cybersecurity protection.
In the past year, several institutions faced significant security incidents. For example, the University of Oxford in the United States experienced a targeted espionage attack in February, specifically aimed at its COVID-19 research area. Similarly, the University of Córdoba in Spain encountered an incident that compromised the security of confidential documents, prompting the entire university community to change their passwords. In Colombia, recent attacks targeted Universidad Javeriana and Universidad El Bosque, where cybercriminals not only took control of their Twitter accounts but also gained access to the computer systems containing institutional email accounts. These events should serve as stark reminders to the entire sector, underlining the need to strengthen their cybersecurity strategies to prevent becoming the next target of such attacks.
«University systems comprise diverse components that require robust security measures, since they are considered enticing targets, or “gold mines” for cybercriminals seeking to steal personal and financial information from thousands of people (both students and staff), as well as valuable data from research and development projects. This wealth of data provides significant motivation, indicating that threats to the sector are bound to keep rising.» warned Juan David Moreno, Country Manager of Dreamlab Technologies in Colombia.
To tackle these challenges, CyScope offers bug bounty programs that provide ongoing security assessments at an affordable and manageable cost. The platform aims to help educational institutions adopt a proactive approach by continuously evaluating their security posture and existing controls.
«Most universities do not conduct systematic evaluations of their technological environments or internal cybersecurity measures and processes of their providers to understand their level of exposure to risk. CyScope’s bug bounty programs enable them to identify vulnerabilities, learn how to address them, and ultimately establish a vital protective cycle.» concluded Laura Gaudino, Product Manager of CyScope.