Abstract
Cybercriminals have been increasingly targeting higher education institutions during the COVID-19 pandemic. The shift to online learning and remote work has created new opportunities for cybercriminals to exploit vulnerabilities in university networks and systems. This paper highlights the challenges faced by universities in ensuring the security of their information systems and employee data and the potential consequences of cyberattacks. The objective of this study is to conduct a comprehensive assessment of the cybersecurity situation in university facilities by identifying, quantifying, and modeling it. The resulting model will enable educational institutions to recognize potential operational risks and determine which measures to implement or improve to mitigate those risks. Consequently, we will create a novel assessment tool in this study to offer universities a precise representation of their current status, aiding university designers in incorporating the recommended cyber risk mitigation measures into the system design before deployment.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Haque MA, et al. Sustainable and efficient E-learning internet of things system through blockchain technology Learning Digit. Media. 2023. https://doi.org/10.1177/20427530231156711.
Goutam RK. Importance of cyber security. Int J Comput Appl. 2015. https://doi.org/10.5120/19550-1250.
Ahmed MA, Sindi HF, Nour M. Cybersecurity in hospitals: an evaluation model. J Cybersecurity Priv. 2022;2(4):853–61.
Auchus IC, Jaradeh K, Tang A, Marzan J, Boslett B. Transitioning to telehealth during the COVID-19 pandemic: patient perspectives and attendance at an HIV clinic in San Francisco. AIDS Patient Care STDS. 2021;35(7):249–54.
Jalali MS, Kaiser JP. Cybersecurity in hospitals: a systematic, organizational perspective. J Med Internet Res. 2018;20(5): e10059.
Brassard A. The Morris Worm. 1988. http://nevena.lss.hr/recordings/fer/predmeti/racfor/2018/seminari/abrassard/seminar.pdf. Accessed 4 July 2023.
Panguluri S, Phillips W, Ellis P. “Cyber security: protecting water and wastewater infrastructure. In: Priya D, editor. Handbook of water and wastewater systems protection. UK: Springer; 2011.
Berghel H. The code red worm. Commun ACM. 2001;44(12):15–9.
Machie A, Roculan J, Russell R, Velzen MV. Nimda worm analysis. Tech. Rep., Incident Analysis, Security Focus; 2001. pp 1208–19.
Wong C, Bielski S, McCune JM, Wang C (2004) “A study of mass-mailing worms,” In: Proceedings of the 2004 ACM workshop on Rapid malcode, p 1–10
Mohurle S, Patil M. A brief study of wannacry threat: Ransomware attack 2017. Int J Adv Res Comput Sci. 2017;8(5):1938–40.
Greenberg A (2018) “The untold story of NotPetya, the most devastating cyberattack in history,” Wired, August, vol. 22
Alkhadra R, Abuzaid J, AlShammari M, Mohammad N (2021) “Solar winds hack: In-depth analysis and countermeasures,” in 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), 2021, p. 1–7.
Hobbs A. “The colonial pipeline hack: Exposing vulnerabilities in us cybersecurity”, in SAGE Business Cases. SAGE Business Cases Originals: SAGE Publications; 2021.
Keary J. Rebuffing Russian ransomware: how the United States should use the colonial pipeline and JBS USA Hackings as a defense guide for ransomware. 2022.
Kirincich ED. Using machine learning forensics to decrease the success of ransomware attacks in the supply chain. Doctoral dissertation, Utica College; 2021.
Banks W. Cyber attribution and state responsibility. Int Law Stud. 2021;97(1):43.
Haque MA, Amola Y, Singh DN. Performance of Wimax over Wi-Fi with reliable QoS over wireless communication network. World Appl Program. 2011;1(5).
Haque MA, Haque S, Kumar K, Singh NK. A comprehensive study of cyber security attacks, classification, and countermeasures in the internet of things. In: Priya D, editor. Digital transformation and challenges to data security and privacy. IGI Global; 2021. p. 63–90.
Ahmad S, Jha S, Alam A, Alharbi M, Nazeer J. Analysis of intrusion detection approaches for network traffic anomalies with comparative analysis on botnets (2008–2020). Secur Commun Networks. 2022. https://doi.org/10.1155/2022/9199703.
Argaw ST, et al. Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks. BMC Med Inform Decis Mak. 2020;20:1–10.
Chen R, Gaia J, Rao HR. An examination of the effect of recent phishing encounters on phishing susceptibility. Decis Support Syst. 2020;133:113287.
Connolly AY, Borrion H. Reducing ransomware crime: analysis of victims’ payment decisions. Comput Secur. 2022;119:102760.
Haque MA, Bokhari MU, Sinha AK, Singh NK (2017) “Comparative study on Wireless threats and their Classification,” In: INDIACom-2017,In: IEEE Conference ID: 40353 2017 4th International Conference on “Computing for Sustainable Global Development”, 01st - 03rd March, 2017 BVICAM, 2017, pp. 5057–5059.
Haque S, Zeba S, Alimul Haque M, Kumar K, Ali Basha MP. “An IoT model for securing examinations from malpractices. Mater Today Proc. 2021. https://doi.org/10.1016/j.matpr.2021.03.413.
Kim J, Lee C, Chang H. The development of a security evaluation model focused on information leakage protection for sustainable growth. Sustainability. 2020;12(24):10639.
Callejas-Cuervo M, Alarcón-Aldana AC, López AB (2016) “Security evaluation model for virtual learning environments,” in 2016 XI Latin American Conference on Learning Objects and Technology (LACLO), 2016, pp. 1–6.
Acknowledgements
The authors would like to thank the Deanship of Scientific Research, Prince Sattam Bin Abdulaziz University, Alkharj, Saudi Arabia for the help and support. This study is supported via funding from Prince Sattam Bin Abdulaziz University project number (PSAU/2023/R/1444).
Funding
This study is supported via funding from Prince Sattam Bin Abdulaziz University project number (PSAU/2023/R/1444).
Author information
Authors and Affiliations
Contributions
All authors contributed to design and development of the system as well as the manuscript. All authors have read and approved the final manuscript.
Corresponding author
Ethics declarations
Conflict of Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Ethical Approval
This article does not contain any studies with human participants performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the topical collection “Industrial IoT and Cyber-Physical Systems” guest edited by Arun K Somani, Seeram Ramakrishnan, Anil Chaudhary and Mehul Mahrishi.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Haque, M.A., Ahmad, S., John, A. et al. Cybersecurity in Universities: An Evaluation Model. SN COMPUT. SCI. 4, 569 (2023). https://doi.org/10.1007/s42979-023-01984-x
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-023-01984-x