<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1054151198438221&amp;ev=PageView&amp;noscript=1">

The Article Galaxy Blog

Fighting Cyber Crime in Academia Requires a Collective, Coordinated Effort

Lettie Y. Conrad|Product & Publishing Consultant
Lettie Y. Conrad|Product & Publishing Consultant
August 6, 2020

Research universities store a lot of personal data in their computer networks. Unfortunately, keeping that data safe and protected (e.g. preventing data breaches, ensuring data privacy, and safeguarding the licensing of peer-reviewed research) isn’t easy. An article in this month's issue of Against the Grain, "Beyond Sci-Hub: Cyber Challenges for the Scholarly Communications Industry," notes that the education sector is the third largest target for cyber-attacks—placing it ahead of retail.

The article shares striking examples of the damaging effects hacking can have on universities, both financially and in terms of research integrity. For example:

  • Rutgers University reportedly had to spend $3 million on cybersecurity
  • In the UK, state-sponsored espionage was reported by the National Cyber Security Centre to have damaged the value of research at some universities, particularly in STEM subjects
  • At the affected universities, damage to the value of research resulted in a drop in private or public sector investment

Co-authored with two other members of the Scholarly Networks Security Initiative (Rick Anderson, associate dean for collections and scholarly communication at the University of Utah's Marriott Library; Robert Boissy, Springer Nature's director of account development) it addresses this critical question:

“How do we balance the need for access, while also protecting ourselves, our assets, those for whom we are responsible, and the quality of the academic record from criminals?"

In a blog post last year, we shared our key takeaways from the 2019 Information Security Summit, which offer insight into that question, including these dire statistics about the threat of cybercrime in academia:

  • Hackers attack every 39 seconds
  • A breach can cost organizations an average of $150 million
  • In 2018, more than 500 million records were stolen
  • Most companies take months before they even detect a breach has happened, others are not even aware until they are informed by a third party
  • Education records and university login credentials can fetch more than credit card numbers on the black market

On the flip side, perhaps the most important takeaway from the 2019 Summit was that most hacking events are likely due to human error. That’s hopeful news, because it means that protecting campus systems, networks, and programs from digital attacks is within our reach. But in order to reduce human error, institutions need to train people better on the technologies and "always do more than is required to protect their network information."

The ATG article makes a similar argument, emphasizing that in order to mitigate the risk of cybercrime in a lasting way, publishers, librarians, and network security staff must all work together to ensure institutions can implement and uphold network systems that balance data safety with easy access to research.

The article also examines the role of Sci-Hub and similar sites, which are often applauded for democratizing access to scholarly research—but which make it difficult for institutions to achieve this balance. Importantly, however, is to note that Sci-Hub's activities "are not the only threat to the scholarly communications ecosystem and the integrity of the academic record, and this issue goes beyond that of the illegal accessing of academic research." In short, more than scientific articles are stolen when a university’s server is breached.

The Scholarly Networks Security Initiative is a collective of scholarly communications stakeholders who have joined together to solve the cyber challenges in academia. To learn about some of the successful initiatives currently underway, ongoing challenges, and the group’s outreach efforts, you can read the full article here.

Read

Research universities store a lot of personal data in their computer networks. Unfortunately, keeping that data safe and protected (e.g. preventing data breaches, ensuring data privacy, and safeguarding the licensing of peer-reviewed research) isn’t easy. An article in this month's issue of Against the Grain, "Beyond Sci-Hub: Cyber Challenges for the Scholarly Communications Industry," notes that the education sector is the third largest target for cyber-attacks—placing it ahead of retail.

The article shares striking examples of the damaging effects hacking can have on universities, both financially and in terms of research integrity. For example:

  • Rutgers University reportedly had to spend $3 million on cybersecurity
  • In the UK, state-sponsored espionage was reported by the National Cyber Security Centre to have damaged the value of research at some universities, particularly in STEM subjects
  • At the affected universities, damage to the value of research resulted in a drop in private or public sector investment

Co-authored with two other members of the Scholarly Networks Security Initiative (Rick Anderson, associate dean for collections and scholarly communication at the University of Utah's Marriott Library; Robert Boissy, Springer Nature's director of account development) it addresses this critical question:

“How do we balance the need for access, while also protecting ourselves, our assets, those for whom we are responsible, and the quality of the academic record from criminals?"

In a blog post last year, we shared our key takeaways from the 2019 Information Security Summit, which offer insight into that question, including these dire statistics about the threat of cybercrime in academia:

  • Hackers attack every 39 seconds
  • A breach can cost organizations an average of $150 million
  • In 2018, more than 500 million records were stolen
  • Most companies take months before they even detect a breach has happened, others are not even aware until they are informed by a third party
  • Education records and university login credentials can fetch more than credit card numbers on the black market

On the flip side, perhaps the most important takeaway from the 2019 Summit was that most hacking events are likely due to human error. That’s hopeful news, because it means that protecting campus systems, networks, and programs from digital attacks is within our reach. But in order to reduce human error, institutions need to train people better on the technologies and "always do more than is required to protect their network information."

The ATG article makes a similar argument, emphasizing that in order to mitigate the risk of cybercrime in a lasting way, publishers, librarians, and network security staff must all work together to ensure institutions can implement and uphold network systems that balance data safety with easy access to research.

The article also examines the role of Sci-Hub and similar sites, which are often applauded for democratizing access to scholarly research—but which make it difficult for institutions to achieve this balance. Importantly, however, is to note that Sci-Hub's activities "are not the only threat to the scholarly communications ecosystem and the integrity of the academic record, and this issue goes beyond that of the illegal accessing of academic research." In short, more than scientific articles are stolen when a university’s server is breached.

The Scholarly Networks Security Initiative is a collective of scholarly communications stakeholders who have joined together to solve the cyber challenges in academia. To learn about some of the successful initiatives currently underway, ongoing challenges, and the group’s outreach efforts, you can read the full article here.

The Author

    Lettie Y. Conrad|Product & Publishing Consultant

Lettie brings nearly 20 years’ experience in scholarly publishing to her diverse portfolio of product research and development projects. She is dedicated to helping information organizations cultivate a user-centered, standards-compliant approach to digital publishing and academic programs. Her expertise lies in optimizing user engagement for content discovery and access of academic content platforms. Previously, Lettie played a key role in establishing the product management program at SAGE Publishing. Currently, Lettie is North American Editor for Learned Publishing, a ‘chef’ with the SSP’s Scholarly Kitchen blog, and Information Science PhD candidate at the Queensland University of Technology, Brisbane.

Topics

article galaxy, academic librarians, scientific journals, #cybersecurity, AcademicLibraries, Academia

Ready to See
Article Galaxy in Action?

Schedule a call with one of our advisors. We will get you started with a FREE 14-day trial, with no obligation.

REQUEST MORE INFORMATION