Most organizations leave their cyber security up to their system/network administrators and/or programmers. Unfortunately this often results in unpatched systems, disabled firewalls, weak passwords, little to no secure software, and other bad practices that make overloaded IT teams’ and hackers’ jobs easier.
Sadly having a dedicated technical security team is a luxury few organizations think they can afford.
Many people already know how to recognize sketchy files - usually they show up as attachments in unsolicited emails and/or have suspect file extensions. Viruses commonly have the .exe extension although several other file extensions are risky like .com, .app, or .vb.
No forensics experts were hired to investigate this incident where a librarian with domain administrator access allegedly created another domain administrator account that was used to execute this hack. If true it reflects terribly on the university's network security.