Universities a 'huge target' for nation-state attackers, warns NCSC

The UK's leading cyber security agency issued advie to elite academic institutions on how keep them and their country safe

Cardiff University

In an assessment of the state of cyber security of UK universities, the National Cyber Security Centre (NCSC) said state-sponsored espionage is among the most evident and damaging threats in the long-term to academia's elite.

Universities are the gatekeepers and creators of highly valuable information, which makes them attractive targets of cyber crime and state-sponsored espionage, so it's important that these institutions remain cyber secure.

Ask key contributors to the economy, skills development and innovation in the UK, universities handle highly sensitive and valuable personal data an intellectual property that outside threats would love to acquire.

"It is almost certain that state-sponsored actors are looking to steal data and information for strategic gain," said the NCSC. "Meanwhile, cyber criminals seek to commit fraud, or monetise stolen material through sale or ransom.

"Once access is gained, it is highly likely that both types of attacker will exploit facilities such as compromised email accounts, to further penetrate university systems."

The threat of state-sponsored espionage is particularly high for universities with world-leading research programs, according to the cyber security branch of GCHQ, and the damage of stolen data would extend to the UK's "larger national interest" and researchers who may lose the chance to 'publish first'.

Sensitive research such as that related to the military, national defence and in STEM is among the most prized data that attackers would want to target. Losing this would likely come at the detriment of both the university and the UK as a whole, the NCSC said.

For example, the university could become less valuable to investors if they're research is stolen through a cyber attack which would mean funding may be cut to future research projects. The UK would also become more vulnerable if our enemies gain information about how we protect the country.

Phishing is one of the key concerns universities should address, according to the NCSC, as it's a common way attackers can steal log-in credentials from students and staff. It can also lead to the downloading of malware which can be designed to steal data once it has infected a machine connected to the university's network.

"While employees in corporate organisations may have received awareness training, many students won't have the same experience in identifying and reporting phishing attacks," said Jordan Wright, Duo security principal R&D engineer.

"Similarly, unless you're involved with the information security industry and can stay on top of the ever-evolving tactics attackers use, you're less likely to recognise the tell-tale signs of a phishing email."

In August 2018 researchers discovered myriad phishing attempts on western universities, including the UK's, that ultimately stemmed from Iranian nation-state attackers. They created fake log-in pages to which victims were sent through email and then stole their university log-in credentials, mainly for their library systems so they could steal intellectual property.

A previous Iranian attack spanning four years was foiled in 2018 which saw hackers target 100,00 professors and ultimately made off with over 30 terabytes of academic data.

The NCSC advises universities to promote cyber security awareness of everyone on campus as phishing attacks try to exploit human tendencies but this can be particularly difficult for universities which see a high turnover of staff and students.

Due to this high turnover, the security body also encouraged strict access controls to be put in place and the partitioning of the network, keeping high-value data in different places to make it less easily accessible for attackers.

Lastly, universities should consider their computer network design and deploy a central means of management. Universities enjoy the freedom of many private networks for specific departments and functions but these can become difficult to manage and if left vulnerable, provide attackers with an entry point to a network.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

What is cyber warfare?
Security

What is cyber warfare?

22 Sep 2020
8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
The Xbox Series X shows how far the cloud still has to go
Cloud

The Xbox Series X shows how far the cloud still has to go

25 Sep 2020