Post-secondary schools a ‘prime target’ for cyber crime

George Brown security system blocks around 500,000 malicious emails per week, according to college 

Digital threats evolve as online technologies and platforms grow. For each new system, hackers come up with a new malicious software or technique to break in.

According to Canada’s Cyber Security Strategy, cyber viruses and malicious code are continually evolving to evade the defences and antivirus software, and the frequency and severity of the threats has accelerated recently.

Source: RCMP

Institutions that work with a large amount of sensitive information are more exposed than others. 

“A lot of people don’t realize that high reputation institutions such as universities and colleges are a prime target for cyber criminals,” said David Shipley, CEO and co-founder of Beauceron Security.

A couple of Canadian universities are well aware of this. Last year, University of Calgary paid $20,000 in ransom after a cyber attack to its systems. And this month, it was reported that the University of the Fraser Valley was attacked by hackers who threatened to release students’ information if the school didn’t give them $30,000. The institution had to suspend access to its web systems and email for days and personal information of 29 students was disclosed. 

As Shipley explained, university and colleges are usually not designed to be secure from an IT perspective because they support an open flow of information.  Would-be hackers also know that post-secondary institutions have a lot of valuable personal information and intellectual property publications.

Rick Mahadeo, IT security manager at George Brown College, said students’ information in the college’s system, and the information it has, is protected. 

“There’s different protection mechanisms in place to ensure that only the authorized users are allowed to view that information,” he said.

George Brown uses several authentication steps to help ensure that only specific individuals have access to user’s personal information at the college. According to information provided by Mahadeo, an average of 500,000 malicious emails are blocked every week by George Brown’s security system.

For Shipley, cyber security is not only about having good technology systems. 

“Cyber security is not formally a technology issue,” he said. “It is a process, people, culture and technology (issue) combined,” he said.

When students share personal information through things like social media platforms, they can have their details stolen or get their accounts hacked. Therefore, prevention is not just an institutional problem, it’s also personal.

The Cyber Review Consultations Report, published by Public Safety Canada in January 2017, found that privacy, collaboration and skilled cyber security personnel are the keys to cyber security.

The consultation suggests a proactive approach, were institutions and organizations should conduct regular audits and system security tests, educate, create awareness, and train their users.

Shipley encourage students to turn on two factor identification in every online service they have, and ask for it if it’s not available. 

“That can dramatically improve your security and reduce the risk, even when they have a bridge and they actually give out your password, if the attacker doesn’t have you other factor, they can’t get your information.” 



Post-secondary schools a ‘prime target’ for cyber crime