Colleges and universities are increasing targets for cybercrime operators. Rutgers University and Fairleigh Dickinson University were both recently hit in cyberattacks. Both schools’ networks were shut down for nearly a day. In 2014, Indiana University and the University of Maryland were victims of cyberattacks. Indiana had 146,000 records exposed and Maryland had 300,000 records exposed. Colleges and universities face cybersecurity challenges similar to those faced by government and major commercial institutions. Investigators in this area describe the attack techniques on educational institutions as the same level of sophistication as used in international espionage. What does this mean for the institutions and the law firms that represent them?
The basic cyberprotection problem with colleges and universities is the nature of the institutions themselves. Government and commercial institutions often prohibit employee access to certain Internet sites—such as social media or gambling and pornographic sites—or they limit access to professional technical websites. Educational institutions, however, tend to be more open as they want to provide their students with online resources to support the school’s academic mission. Therein lies the problem. Once admitted to the university, students are granted access to the school’s Internet system. Unlike an employee for a government agency, where access is limited to certain sources, the students, especially those working on research projects, have almost unlimited capacity to contact and download numerous websites from the Internet. This is especially true when the student utilizes his or her own computer. Many of those websites are easily infiltrated by hackers. If those infiltrated websites are downloaded to the university system, the virus travels within the website, and then can enter the university or college computer system. Thereafter, the hacker is free to roam about looking for opportune targets. Many departments within the institutions have extra protection, but because of the nature of the academic institution, some departments are easily breached. As a result, the security postures of an institution’s different divisions—academic, administration, student life and athletics—have direct impact on each other. Poorly maintained and unpatched systems in one network could lead to the compromise of other systems across the school’s entire internal system.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]