Higher Education Faces Rising Cyber Attacks in 2024

Ever since Robert Tappan Morris launched the notorious Morris worm back in 1988 from MIT’s network, cybersecurity and higher education have been inextricably linked. For threat actors, higher ed institutions are attractive targets—attacks surged in 2023 and continue to increase in 2024. Here’s more on rising higher education cyber attacks and some potential ways to tackle the problem. 

Cyber Attacks in Higher Ed: The Numbers

A slew of stats from reports and surveys highlight a trend of increasing cyber attacks on universities, community colleagues, and technical schools. A report from Malwarebytes noted a 70% increase in ransomware attacks against the higher education sector in 2023. In the UK, a government survey found that 97% of higher education institutions identified a breach or cyber attack in the past year. 

The allure of the higher education sector for cyber attacks stems from a perfect storm of factors weighing in favor of hackers, including:

• The vast amounts of sensitive data like student records, financial info, and research data, all of which is valuable to cybercriminals for extortion, theft, and fraud.

• Institutions in this sector operate with tight budgets and might not have the resources to invest in dedicated cybersecurity staff or more secure systems. 

• Students and faculty, using their devices on the network, are unlikely to have extensive cybersecurity training or awareness, which makes them more susceptible to phishing attacks and social engineering tactics.

• Many universities have open networks and a diverse range of devices connected to their systems, including personal devices used by students and faculty. This increases the attack surface and opens up a lot of avenues for hackers to gain access.

Recent High-Profile Higher Education Cyber Attacks

You don’t have to sift far back into the news archives for some pertinent examples of the cybersecurity threats facing universities and other institutions. In 2024 alone, some of the following higher education cyber attacks have made news headlines:

Kansas State University

The year began with an announcement that Kansas State University had suffered a cyber attack that knocked several parts of its IT infrastructure offline. Affected systems included an email service and the university’s wireless network. A mandatory password reset for eID also inundated the university’s help desk, as students need this eID account to enroll in classes and access other important services. 

University of Winnipeg

Almost 1,000 miles north of Kansas, across the border in Winnipeg, the University of Winnipeg suffered a cyber attack in March 2024. The incident led to immediate disruptions with delayed exams, canceled classes, and internet services knocked offline. The perpetrators managed to access and steal data belonging to current and former students and employees stretching back to 2003. 

Frankfurt University of Applied Sciences

Over in Europe, the Frankfurt University of Applied Sciences got hit by hackers in July 2024. The incident led to a total shutdown of the university’s IT systems. Even the elevators in the campus buildings became non-functional, such was the reach that threat actors had into the IT infrastructure. This incident followed a spate of similar cyber attacks on German universities.

Tackling the Problem with Increased Incident Reporting Obligations?

In the US, it appears that CISA believes one way to tackle this problem is to designate all colleges and universities that participate in Federal Student Aid programs as a critical infrastructure sector. This proposed designation would lead to colleges and universities having to implement the stringent incident reporting requirements of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). 

A lengthy letter addressed to CISA Director Jennie Easterly shows that higher education institutions don’t believe this is the right way to deal with rising cyber attacks targeting the sector. Among the grievances expressed in the letter was a lack of consultation directly with the sector about the proposal. Moreover, the letter outlines concern about “the extent to which the burden of redundant reporting requirements…will be exacerbated rather than relieved as a result of the proposed regulations,” especially given the “reporting burdens and resource constraints that higher education institutions must already manage.”

It does seem intuitive that imposing new reporting obligations is likely to overwhelm already stretched (and limited) cybersecurity resources. Reporting obligations are also inherently reactive; they come after a breach has occurred, which means they do little to prevent attacks in the first place. The real focus should be on proactive threat identification and risk mitigation. Investments in threat intelligence, more practical staff training, and robust security frameworks would offer more meaningful protection against cybercriminals than simply mandating disclosures. 

An important risk reduction strategy is managing and reducing the attack surface. Universities usually have sprawling networks with lots of access points—open Wi-Fi, student portals, research databases, subdomains, and administrative systems—all increasing the attack surface. By employing tools and strategies that map, monitor, and reduce this attack surface, institutions can identify vulnerable entry points and limit opportunities for hackers. This involves decommissioning outdated systems and portals, restricting unnecessary access, and segmenting networks. 

One of the most hands-on and effective ways to bolster defenses is through cyber range training. These simulated environments replicate real-world attack scenarios in a controlled setting. IT staff, cybersecurity students, and even faculty can practice identifying, responding to, and mitigating cyber threats in real time. Cyber ranges enable institutions to train personnel on dealing with DDoS attacks, malware, phishing, and other likely threats without putting actual systems at risk.

Cloud Range is a leading cyber range-as-a-service that offers a customizable, hands-on simulation environment that your security teams, students, and faculty can access virtually. FlexLabs programs let you target and strengthen specific cyber skills with over 1,500 labs designed for all knowledge levels. This is a cost-effective and scalable way for higher education institutions to build up their cyber defenses through practical, team-based exercises and stem the tide of increasing cyber breaches. 

Request a Cloud Range demo.