Divya Shrestha
Laura Palovuori
Tom Tuunainen
Over the past few years, the educational sector has been one of the most vulnerable sectors to cybercrime. Although universities have always defended their servers and research databases, a new trend has developed. The attackers are increasingly turning their attention to students. They have realized that students often represent the easiest path into those systems.
All the students nowadays often lead part of their lives online. Learning platforms, student emails, cloud services, banking, and social media are all integrated into one digital identity. To cybercriminals, students are an attractive entry point as they are not only holding personal information but also have access to systems of institutions, and they are not always well guarded by companies or their IT departments. Even in Centria University of Applied Sciences and other Finnish universities, this trend is starting to be identified and addressed as an important aspect of maintaining the safety of learning environments.
A perfect target
Students depend on a mix of personal and institutional devices. The laptops, tablets, and phones move around campus: student dorms, cafes, and open Wi-Fi zones where each shift of network increases exposure. As hybrid and online learning has become a normal way of life in studying, a careless click can provide an entry point.
According to Finnish studies, educational institutions are faced with complex problems. As cyber crises have become increasingly a fact, a recent study by the JAMK University of Applied Sciences (2023) revealed that the willingness of Finnish schools and colleges to deal with cybercrimes is uneven even with increased digitalization.
Globally, the trend is clear. This open network of academics with large user communities and low cost associated with them forms an ecosystem in which attackers can experiment with new strategies at low cost and anonymity. Check Point Software Technologies (2025) reports that the education industry has been assaulted more than 4 356 times per institution in a week, which is 41percent higher than the previous year. According to the report by Mendez-Padilla (2025), the ransomware incident in the education sector has increased by 23 percent in the first half of the year 2025. These statistics demonstrate that schools have become ideal battling fields in terms of cybersecurity strategies.
Consequences beyond the screen
To an individual learner, the consequences of a successful cyberattack could be farfetched. Stolen or hacked down personal information can result in identity theft, loss of money, or damaged reputation. The lack of access to online learning platforms even momentarily can disrupt studies, stall graduation, or lead to anxiety.
To the institution, the stakes are also very high. An attack that bounces through student accounts or shared drives is capable of disrupting classes and research, ruining trust, and having some major recovery expenses. According to the GDPR, legal consequences and fines also apply to any exposure of personal data, which are governed by the European Union. According to the survey conducted by the government of the UK in 2025, 91 out of 100 institutions of higher education reported at least one attack or breach in the past year, as compared to only 43 out of 100 businesses overall.
Building a culture of cyber awareness
According to the State of Ransomware in Education (Sanhotra 2025), the attacks have become increasingly common, but the median ransom payment in higher education has dropped to 697 000 USD and recovery costs are also declining. This is due to an improvement in preparation, earlier detection, and more strategic reactions, which consists of staff and student awareness programs.
The positive thing is that great things are achieved by little things. Awareness and behavior change is, in many cases, more effective than technology that costs a lot. Regular short workshops, reminders about phishing, and integrating cybersecurity into first-year orientation can make a measurable difference. Institutions are becoming more resilient.
Incorporating cybersecurity awareness into general courses that do not necessarily only target IT students would show everyone a realistic expectation of what working life entails, as every job today relies on data security.
On an institutional level, practices like multi-factor authentication, network segmentation, and access to secure VPN are becoming the norm. But technical protection is not sufficient yet. Everyone should be more careful and at least have some basic information about these things to be able to avoid them.
What could a cyber-aware campus look like
Students play an increasingly vital role in the cyber domain. The security of an entire academic ecosystem depends on their gadgets, routines, and levels of consciousness. By securing accounts, reporting suspicious activities, or learning to identify a phishing email, each student can make an online environment a bit safer. After all, cybersecurity is not only a technical issue but also a shared responsibility.
Centria and other Finnish universities have the chance to set an example for what a truly cyber-aware campus looks like, where learning, research, and innovation flourish safely in an open but well-protected digital environment, as digital education continues to develop. For this to happen, cybersecurity should become a part of everyday behavior rather than an occasional warning.
It must begin with ensuring that cybersecurity is visible and relatable with short reminders, practical guidance, hands-on learning, and peer-to-peer support that can turn abstract tips into practical skills and make cybersecurity seem friendly as opposed to technical. Above all, together with effective technological protection, a cyber-aware campus will create an environment of transparency in which students are not afraid to report suspicious messages or behavior.
In a world where cybercrime has made students one of the best targets, turning a campus into a cyber-aware campus is not merely a technical enhancement. It is a cultural change. The question is not whether we can afford to do this, but whether we can afford not to.
Article photo. Students of Centria think that cybersecurity is important. From the left: Obioma Nduka, Divya Shrestha, Aya Mouissa and Prakash Acharya. Photo by Jaakko Viljanen.
References
Check point software technologies. 2025. Cyber Attacks Surge Against Education Sector Ahead of Back-to-School Season. Available at: https://www.channele2e.com/native/cyber-attacks-surge-against-education-sector-ahead-of-back-to-school-season. Accessed 3 November 2025.
JAMK University of Applied Sciences. 2023. The readiness of Finnish educational institutions to face cyber crises. Available at: https://www.jamk.fi/en/research-and-development/rdi-projects/the-readiness-of-finnish-educational-institutions-to-face-cyber-crises. Accessed 30 October 2025.
Mendez-Padilla, B. 2025. Ransomware attacks in education jump 23% year over year. Cybersecurity Dive. Available at: https://www.cybersecuritydive.com/news/ransomware-attacks-education-jump-23-percent-h1-2025/753703/. Accessed 5November 2025.
Sanhotra, R. 2025. The State of Ransomware in Education 2025. Sophos Group. Available at: https://news.sophos.com/en-us/2025/09/10/the-state-of-ransomware-in-education-2025/. Accessed 11 November 2025.
UK Government. 2025. Cyber security breaches survey 2025: education institutions’ findings. Available at: https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025-education-institutions-findings. Accessed 7 November 2025.
Divya Shrestha
RDI student assistant
Centria University of Applied Sciences
Tel. 050 408 7261
Laura Palovuori
RDI specialist
Centria University of Applied Sciences
Tel. 040 626 0028
Tom Tuunainen
RDI developer
Centria University of Applied Sciences
Tel. 040 681 7207
