Schools and universities had already been top targets for cybercriminals. Now add to that the potential for cyberattacks from Russia. For Penn State, that has meant stepping up its cybersecurity efforts.
Keith Brautigam, Penn State’s interim chief information security officer, said in an email that the university has security standards designed to protect it from attempts to steal data or disrupt operations.
Brautigam said even before Russia’s invasion of Ukraine, as tensions began to escalate, Penn State heightened its monitoring for potential threats to its systems and data.
"In the weeks since the invasion, OIS has been working closely with IT units across the university to strengthen vulnerability detection and quickly remediate vulnerabilities that are known to be in use during the conflict in Ukraine," he said. "IT also has maintained its focus on universitywide efforts to enhance firewall protection and increase email security measures. These efforts help to stop threats from reaching university networks."
Several factors, including the COVID-19 pandemic, make colleges and universities prime targets, according to experts.
Peter Forster, a Penn State professor emeritus in security and risk analysis, said in general, universities have a wealth of information, including research and student data, along with a lot of ports of entry.
“I would say that the threat of Russian interference within the United States in the cyber realm, and potentially at universities … it has risen because of Ukraine," he said.
In a typical 90-day window, Penn State receives about 145 million legitimate emails and blocks about 66 million spam and phishing messages.