American universities are being bombarded by cyberattacks, according to a recent New York Times article.
These universities are being hit with millions of hacking attempts per week, and some of those attempts have succeeded in obtaining personal and other data.
Unfortunately, at times these data compromises are not discovered until long after the fact, if at all.
Cyberattacks Present Real Threat
Undoubtedly, information held by universities can be sensitive and valuable. Not only do universities have identifiable personal information relating to students, faculty and others, but they also house important intellectual property, as universities are on the cutting edge of patent development in many areas.
In terms of volume, some universities report that the number of cyberattacks they experience are doubling every few years, and the University of Wisconsin reported hacking attempts on the institution up to 100,000 times per day from China.
The New York Times reports that most of the hacking attempts on American universities emanate from China, yet hackers are adept at covering their tracks by routing their attacks across various computers and, at times, multiple countries.
Therefore, while it appears that China is the critical source of many of these attacks, it is very difficult to pin the attacks on specific organizations or individuals.
Securing University Data
In the wake of increasing cyberattacks, some universities are beefing up their computer security systems, while others are preventing their professors from taking laptops to certain countries.
Universities’ systems characteristically can be difficult to secure, as a great number of students, faculty and staff have the ability to sign in from their own computers. As a result, some universities are keeping the “external shells” of their systems relatively open, while locking down more sensitive information within “smaller vaults” with encryption.
Given the current state of affairs, American universities should do everything they reasonably can to protect vital information.
Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at ejsinrod@duanemorris.com with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.