AUKUS, economic headwinds and persistent cyber crime – insights from our Higher-Education Quarterly Review

CyberCX Education Industry Lead, Lou Robertson, outlines the key cyber security trends facing Australian and New Zealand universities identified in CyberCX Intelligence’s Higher Education Sector Quarterly Review for calendar Q2.

A new quarterly review produced by CyberCX Intelligence provides a holistic view of the Australian and New Zealand (AUNZ) higher education sector’s cyber threat landscape. Here’s a short summary of what we found, what’s changing, and how we are seeing the sector respond.

What we found

Australia and New Zealand’s higher education sector is world class, with ambitions to continue to advance its global connectivity, research excellence and student experience. We saw evidence of this in the recently released QS World University Rankings for 2024 which counted ten AUNZ universities in the top 100, up from eight in 2023.[1]

With this profile comes significant, persistent cyber threats from a range of threat actors. Both cyber criminal and nation state threat actors continue to grow in number, capability and aggressiveness and target weaknesses in universities’ defences.

Our own monitoring of the dark web and data leak sites indicates that just this year cyber extortion groups have claimed at least five Australian education organisation victims.

Higher education institutions are increasingly critical to Australian defence policy and capability uplift programs, such as AUKUS. In May, the Federal Government committed $128.5m to fund 4,000 university placements to provide critical STEM skills for AUKUS. But with this opportunity comes risk. The growth of defence-university partnerships and the intensifying global contest over science and technology are drawing the attention of organised and well-resourced threat actors.

The Russian invasion of Ukraine continues to drive pro-Russia targeting of organisations globally. In fact, eight Australian universities were targeted as part of wider spate of DDoS attacks earlier this year by a group purporting to be an authentic hacktivist organistion, but which CyberCX assesses is affiliated with the Russian state (see A bear in wolf’s clothing: Insights into the infrastructure used by Anonymous Sudan to attack Australian organisations).

What’s changing

Across calendar Q2 we saw some key cyber security trends playing out within the AUNZ higher education sectors:

1. Developments in AI are not just fueling a rethink of teaching and assessment standards. Use of large language models by students and researchers are opening new cyber threat vectors that organisations need to risk manage.

2. Heightened public concern about privacy is adding to the complexity of the sector’s threat landscape and highlighting the importance of safeguarding personal information.

3. Deteriorating regional economic conditions and renewed focus on staff pay and conditions may present headwinds for cyber budgets.

4. Our intelligence team has ranked cyber-enabled espionage, cyber-enabled foreign interference and cyber extortion as the top three threats facing the sector.

Our conversations with University CIOs, CISOs and Councils continue to show the sector’s cyber problems are well understood. The sector regularly seeks counsel from industry and government and organisations are actively benchmarking and assessing their resilience against peers to understand where they can improve.

The top agenda items we saw for cyber leaders in the period included:

1. Tackling data as an enterprise risk

2. Identifying high-risk supply chain relationships

3. Improving cyber crisis management responses

4. Expanding secure research capabilities and programs

The threat environment is dynamic and fast-moving. Our responses need to be too. These responses need to engage security leaders and teams but also, critically, the wider higher education community of staff, researchers, students, industry partners and other stakeholders.

Echoing the Australian Minister for Cyber Security, cyber security is a team sport and through the Council of Australasian University Directors of Information Technology (CAUDIT), Australasian Higher Education Cybersecurity Service (AHECS) and peer relationships the sector is uniquely placed to collaborate and protect itself and the communities it serves from harm.

You can learn more about the CyberCX Intelligence team and stay across their regular Cyber Intelligence Insights here.

You can also contact me for more insights on the Higher Education sector at [email protected]

[1] The Age: University of Melbourne sets new high in world rankings – 28 June, 2023