NCSC advisory to unis

by Mark Rowe

Threats facing the UK’s universities, and the steps they can take to protect themselves, are outlined in a report from the UK’s official National Cyber Security Centre (NCSC), a part of GCHQ.

Sarah Lyons, Deputy Director for Economy and Society at the National Cyber Security Centre, said: “The UK’s universities are rightly celebrated for their thriving role in international research and innovation collaborations. The NCSC’s assessment helps universities better understand the cyber threats they may face as part of the global and open nature of research and what they can do about it using a Trusted Research approach.

“NCSC is working closely with the academic sector to ensure that, wherever the threat comes from, they are able to protect their research and their universities in cyberspace.”

The assessment found that the open and outward-looking nature of universities, while allowing collaboration across borders, also eases the task of a cyber attacker. Among the examples in the assessment was an attack from last year attributed to Iranian actors in which they were able to steal the credentials of their victims after directing them to fake university websites. The attack took place across 14 countries, including the UK.

The report also mentions JISC, a not-for-profit body which provides digital services, including the Janet Network, to UK education and research bodies. The impact of both phishing attacks and malware featured in their 2018 Cyber Security Posture Survey. See also a JISC blog by University of Greenwich vice-chancellor David Maguire. In 2016, Greenwich had two security breaches of sufficient seriousness to be reported to the UK data privacy regulator, the Information Commissioner’s Office (ICO), that led to a five-figure fine.

For more, visit the NCSC blog.

Comments

Matt Lock, Technical Director at Varonis, says: “The recommendations from the National Cyber Security Centre are spot on, but some universities will struggle to change outdated systems, gain control of digital files that are everywhere and open to everyone, and update information access to a least-privilege model. Funding is one factor, but so is managing data in a collaborative academic environment in which information must be shared, turnover is steady, and attackers have countless tools and tricks up their sleeves to compromise systems. Attackers will continue to win until UK universities make data protection a priority.”

Jordan Wright, Duo Security Principal R&D Engineer, says: “Universities are a prime target for phishing because of their diverse user base, including students, faculty, governors and even parents. Universities hold a large amount of information such as sensitive Personally Identifiable Information (PII), payment details and valuable grant-funded research, all of which can prove to be valuable to motivated attackers.

“Phishing was cited as one of the primary attack tactics in the report. While employees in corporate organisations may have received awareness training, many students won’t have the same experience in identifying and reporting phishing attacks. Similarly, unless you’re involved with the information security industry and can stay on top of the ever-evolving tactics attackers use, you’re less likely to recognise the tell-tale signs of a phishing email.”

Paul Edon, senior director technical sales and services (EMEA) at cyber product firm Tripwire, adds: “We have seen the effects that cyber-attacks can have on educational institutions, which is why it pays to make attackers’ lives as difficult as possible. The only way to do this is to implement security and defence tools that we already know work, like perimeter protection tools such as firewalls, network segmentation to contain any threat discovered as well as vulnerability assessment solutions.

“By getting the basics right, universities will be making it harder and costlier for attackers to be effective with their threats. Most times, a hacker’s function is to cause as much disruption as possible, so finding and patching known vulnerabilities, making sure critical systems are securely configured and monitoring your systems for abnormal changes, can go a long way to increasing your barrier of defence, especially as the threat of an attack from nation states increases.”

Picture by Mark Rowe; Durham University.
