Tertiary institutions across Africa are facing a surge in cyberattacks, with universities becoming key targets for cybercriminals, a new report revealed.
According to Microsoft’s latest Cyber Signals report, the education sector ranked as the third most targeted industry in the second quarter of this year, underscoring its growing vulnerability to cyber threats.
A separate study of 60 Kenyan universities found that the majority had experienced hacking attempts while struggling with weak cybersecurity policies and controls.
Notably, leading universities in Nigeria and Morocco have also suffered major breaches, illustrating the widespread nature of the issue across the continent.
The Microsoft report highlights that cybercriminals are exploiting the open structure of universities, which serve a wide range of users, including students, faculty, and staff, adding that this openness makes it easier for bad actors to gain access.
In addition, universities’ reliance on email systems for communication has made them particularly vulnerable; over 15,000 malicious emails with QR codes were sent daily to the education sector through Microsoft Office 365 email, the report revealed.
The increasing sophistication of these attacks stems from a variety of motivations, Microsoft noted, adding that universities often house valuable intellectual property (IP) and maintain close ties with government agencies, making them appealing targets for cybercriminals seeking financial gain through ransomware, as well as nation-state actors focused on espionage.
Attackers may initially compromise individuals within the sector and then leverage that access to target higher-value assets, it revealed.
To combat these threats, the report recommended that universities adopt stronger cybersecurity protocols; this includes raising awareness among students, staff, and faculty about security risks, centralising technology infrastructure for better vulnerability monitoring, and deploying security tools like protective domain name services to block access to malicious websites.
Additionally, enforcing strong password policies and multifactor authentication (MFA) could significantly reduce the risk of unauthorised access, the report added.
For universities with limited IT resources, Microsoft report suggests using AI-powered solutions like Microsoft Copilot for Security, which can help bolster defences by automating tasks such as incident response and threat detection.
By investing in stronger cybersecurity measures and fostering a culture of awareness, the report assured that African universities can better protect their valuable data and research, ensuring a safer future for education on the continent.
Below are highlight of the report:
“When thinking about industries that cybercriminals might target, tertiary education probably is not the first to come to mind.
But according to the latest edition of Microsoft’s Cyber Signals report, education was the third most targeted industry in the second quarter of this year. The mix of valuable data and inherent vulnerabilities in education systems has caught the eye of various attackers—from those using new malware techniques to nation-state actors involved in traditional espionage.This is a particular concern for tertiary institutions in Africa, which is one of the most targeted regions in the world when it comes to cyberattacks. In fact, a recent study of 60 Kenyan universities showed that most of these institutions were experiencing hacks, while also battling a lack of adequate cybersecurity policies and controls, including organisational, human, physical and technological resources. Just last year a prominent Moroccan institution of higher learning was hit by a security breach of its master’s degree nomination platform, while a private university in Nigeria had its website completely overtaken by hackers. It’s clear that the education industry’s vulnerabilities haven’t gone unnoticed by cybercriminals.
“According to the Cyber Signals report, in the past year alone, more than 15,000 emails with malicious QR codes were sent daily to the sector using Microsoft Office 365 email. This highlights just how targeted and persistent these threats have become.There are several reasons why hackers often target the education sector. Unlike typical enterprises, universities have a diverse group of users—students, faculty, administration staff, and others. The open and dynamic nature of university environments, with frequent activities and international students, makes them particularly vulnerable to cyberattacks.Email systems in schools offer wide spaces for compromise This naturally open environment means universities are often more relaxed about email security. With a lot of emails creating noise in the system, institutions are limited in how they can place controls because they need to stay accessible for alumni, donors, and external collaborations. “This mix of openness and lack of controls makes them prime targets for attacks.Virtual and remote learning have also extended educational applications into homes and offices. Personal and shared devices, which are often unmanaged, are everywhere. Students, not always savvy about cybersecurity, might unknowingly expose their devices to risks.
Legacy infrastructure leaves school systems vulnerable
“The tertiary education sector often faces well-known funding and operational challenges. This means that cutting-edge digital classrooms have to operate alongside older applications and other IT assets. Managing and safeguarding these varied systems is tough, especially when it’s hard to keep cybersecurity experts on staff. This combination leaves school systems more vulnerable to attacks. Nation-state actors are after valuable IP and high-level connections Cybercriminals know that schools handle sensitive, regulated information and must stay open and accessible, making them targets for ransomware and extortion.Universities are hubs for valuable intellectual property and cutting-edge research, often in collaboration with government agencies. This makes them attractive to attackers looking to steal or leverage sensitive data.
For example, it can be easier for hackers to initially target someone in the education sector with ties to the defence sector and then use that access to launch more convincing phishing attacks on higher-value targets.Introducing a strong security curriculum Strengthening security measures can be a daunting and expensive task for schools, but there are steps they can take to protect themselves. Having a clear understanding of the threat environment is an essential place to start. Reports like Cyber Signals are invaluable resources for chief information security officers and their teams as they refine technologies, policies, and processes. This quarterly cyber threat intelligence brief, informed by the latest Microsoft threat data and research, provides expert insights into the current threat landscape and the tactics and techniques used by threat actors. It underscores Microsoft’s commitment to securing the digital ecosystem, in which we play such a central role. At Microsoft, security is our top priority, ensuring we earn and maintain the trust placed in us.
Beyond current insights, maintaining strong cyber hygiene is crucial. Raising awareness of security risks and promoting good practices among students, faculty, staff, and administrators can help create a safer environment.
For IT and security pros in education, starting with the basics and beefing up security is a good move. Centralising the tech setup can assist in monitoring activities more effectively and spotting vulnerabilities more easily. Specifically, the Cyber Signals report recommends that IT teams think about using “protective domain name service,” a handy free tool that can help stop ransomware and other cyberattacks by blocking access to harmful websites. To prevent password spray attacks, they should make sure to enforce strong passwords and set up multi-factor authentication.
“For under-resourced IT teams, tools such as Microsoft Copilot for Security can significantly enhance the efficiency and capabilities of security defenders, allowing them to improve their security outcomes at machine speed and scale. This AI-powered security solution provides an assistive copilot experience, supporting professionals in end-to-end scenarios like incident response, threat hunting, intelligence gathering, and posture management.It’s also important for universities to teach students and staff about good security habits and encourage them to use multifactor authentication or passwordless options.
According to the report, accounts are more than 99.9 per cent less likely to get hacked with multi factor authentication.
By putting stronger defences and proactive measures in place, universities can better equip themselves to fend off the increasing threats to their sensitive data and groundbreaking research. Building a solid security posture isn’t just about technology; it’s also about fostering a watchful culture ready to manage potential attacks. Investing in these measures now will safeguard their valuable assets and ensure their critical work continues without disruption.
We’ve got the edge. Get real-time reports, breaking scoops, and exclusive angles delivered straight to your phone. Don’t settle for stale news. Join LEADERSHIP NEWS on WhatsApp for 24/7 updates →
Join Our WhatsApp Channel
