Do they need to hack a UNI anymore?
Just set up a Bike Sharing service in a university town and with many students to install the App.
Allow sharing of...
Who's hacking into university systems? Here's a clue from the UK higher education tech crew at Jisc: the attacks drop dramatically during summer break. A new study from Jisc (formerly the Joint Information Systems Committee) has suggested that rather than state-backed baddies or common criminals looking to siphon off academic …
Sometimes the attacks are subtle, elegant and amusingly pointless.
At a university that we shall call the University of Elbonia some years ago, some Computer Science undergrads obtained images of the fingerprints of the head of department by means devious and sly. They encoded these images into a buffer overflow attack in Postscript, conducted against the Computer Science printers, and managed on Friday night to reprogram these printers so that somewhere on every sheet of printing was a copy of one of the Head of Department's fingerprints, printed in very pale greyscale.
This was left in place over the weekend, then reversed using the same vulnerability on Sunday night. The CS staff were later quietly informed of the vulnerability and how to patch it.
I've worked in a few uni's - Some have good control of their desktops, others do not. I doubt its student and staff themselves causing this activity, its more likely botnets that are running on PCs and these PCs are turned off in the summer. Also many uni's have their residences go over Janet too, we got rid of this years ago and they use an ISP now, since then the number of internal security issues has decreased ten fold.
The kind of data held by universities (student records/intellectual property) is a valuable commodity for cyber criminals, so it is crucial that the security and education sectors work together to protect it.
It might also be that schools have notoriously bad security practices and IT staff more underpaid than in other sectors, possibly not having any dedicated to security. Many educators are uninterested in working with security because it "gets in their way". I wouldn't expect this to change any time soon.