Universities are prime targets for hackers—not just college kids trying to change their grades, but potentially "nation-state actors" much like the hackers who targeted large corporations, said Michael Oppenheim, intelligence operations manager at Internet security firm FireEye.
"For a university that's understaffed and under-resourced, it can be a difficult situation for them," Oppenheim said.
Hackers use "spear phishing" emails with malicious links or attachments that can be used to establish a "beachhead inside the network" and try to gain more access, Oppenheim said. Other times they enter malicious code into websites that students and faculty regularly log into.
Universities should be looking to outside help to strengthen computer networks considering most third-party companies that provide software to education institutions do not focus on security, said Michael Borohovski, founder and CTO of Tinfoil Security.