Universities and scholarly publishing may not seem like likely targets of cyber criminals, but in fact, they are the third most targeted sector in the United States, behind financial institutions and governmental entities. Data and information stolen by hackers can be used in a variety of ways (e.g., to commit fraud, to steal intellectual property). And these hackers use a variety of methods to commit these crimes and get their payout. The payout is not necessarily financial, however. Here’s why universities need to take a close look at their networks and cybersecurity practices.
Higher education is an attractive target for cybercriminals
If the fact that the higher education sector is the third most targeted entity in the United States surprises you, just consider the vast amounts of personal data that academic libraries hold. That alone makes them an attractive target for hackers. But when you also consider that universities are often well connected to policymakers, government researchers, and nongovernmental organizations, you can understand why they are frequent targets for intelligence collection. Another reason they are targets of cybercrime is that higher education tends to be stretched thinner than other industries in terms of cybersecurity resources.
Types of cyber threats
It’s natural to think the reason behind most cyberattacks is a quest for financial gain. In academic publishing, however, there is another type of cyberattack: a cover for malicious campaigns. For example, a phishing campaign (i.e., fraudulent emails that are intended to trick the recipient into sharing sensitive information or accessing corrupt links or documents) involved hackers who were pretending to be members of Cambridge University in an effort to gain trust from the recipients and ultimately entice them to open malicious documents. Often, cybercriminals will use email credentials that, at first glance, appear to be from legitimate email accounts of editors, students, or researchers. Upon looking closer, however, the recipient will likely notice minor errors that indicate it is not authentic.
Another example of state-backed cybercrime is Sci-Hub. Sci-Hub is an online repository containing more than 80 million research papers, many of them illegally obtained. The website uses a variety of methods to harvest this content, such as abusing legitimate login credentials to access computer networks of major universities or hijacking “proxy” credentials of legitimate users that facilitate off-campus remote access to university computer systems and databases. There is suspicion that the site’s founder may be working with Russian espionage agents to steal U.S. military secrets from Department of Defense contractors. Academic should block access to this site.
Fighting cybersecurity threats must be a joint effort
Academic publishers cannot tackle these threats alone. It must be a joint effort with librarians, university network security professionals, and others entrusted with university cybersecurity. In the spirit of unity, the Scholarly Networks Security Initiative (SNSI) brings together publishers and institutions to solve these challenges. An experienced security consultant works with your institution for 6 to 12 months to develop a strategy for digital anti-piracy and deliver cross-company initiatives within academic publishing. SNSI also will explore how the dangers related to Sci-Hub use can be included in information literacy and other library outreach programs.
Academic institutions need to enact safety and security measures to address cybersecurity within their networks. An important step in this initiative is to tighten authentication and access controls and promote security awareness among staff, researchers, and students. It’s important to educate everyone about how to detect malicious emails, phishing scams, and potential fraud, as well as what to do if they suspect a malicious email or other cyberattack has been attempted or occurred. Artificial intelligence and machine learning are great tools for automating detection, prevention, and patching to keep research environments secure with fewer cybersecurity resources.
Theft of personal data or other sensitive information can impact students, researchers, and faculty in many ways. Even beyond individual effects from cybercrimes, these attacks can damage not only the value of research, but also the reputation of the institution and overall access to knowledge. Publishers, researchers, and universities must work together to mitigate the impacts of cybercrime on the academic community.