Cyberattacks are on the rise. Statistically a ransomware attack occurs every eight minutes and over the past years, academic institutions have increasingly been targets of these attacks.
According to Alan Brill, Senior Managing Director in the Cyber Risk practice of Kroll, and a fellow of the Kroll Institute one of the reasons for these recent developments is that libraries are increasingly closer connected with the university’s overall network. While in the past universities and libraries operated on separate systems, this connection gap has now been removed, which is being exploited by cyber criminals. Academic institutions are of particular interest to criminals due to their large amount of personal and research data, says the Scholarly Networks Security Initiative. According to a report by the National Cyber Security Centre the university sector was the third most vulnerable to cyberattack.
What measures should libraries take?
One of the risks that Brill has identified through his work is that cyber responsibilities are often solely passed on to the IT or risk management departments. He explains that it is important that every part of the organization is aware how to keep data secure. If for example a university operates a bookstore on campus that offers credit and debit card payments, it is important, that they follow payment card industry standards. The same is true for any other operations, such as for example a healthcare facility on campus.
Libraries hold a huge amount of non-public research information that can be exploited by criminals for economic value or international espionage. If researchers at a university are for example involved in drug trials and criminals find out what is being tested and can access results, this information could be used to manipulate the stock market. At the same time international espionage is on the rise and governments are working with academic universities to protect their research. The US government announced earlier this year measures to protect science from foreign spies and also European universities have been encouraged to increase their security after a Dutch university was victim of a ransomware attack over the Christmas period in 2019.
It is becoming increasingly important for institutions to invest in cybersecurity measures and use of technologies, processes and controls to protect, networks, programs, systems, devices and data from cyberattacks. We invite you to explore Springer Nature’s resources to support the Library’s role in Cybersecurity and Risk Assessment and to listen to Alan Brill’s podcast series on this important topic here.