Universities a 'huge target' for nation-state attackers, warns NCSC

The UK's leading cyber security agency issued advice to elite academic institutions on how to keep them and their country safe

In an assessment of the state of cyber security of UK universities, the National Cyber Security Centre (NCSC) said state-sponsored espionage is among the most evident and damaging threats in the long term to academia's elite.

Universities are the gatekeepers and creators of highly valuable information, which makes them attractive targets of cyber crime and state-sponsored espionage, so it's important that these institutions remain cyber secure.

As key contributors to the economy, skills development and innovation in the UK, universities handle highly sensitive and valuable personal data and intellectual property that outside threats would love to acquire.

"It is almost certain that state-sponsored actors are looking to steal data and information for strategic gain," said the NCSC. "Meanwhile, cyber criminals seek to commit fraud, or monetise stolen material through sale or ransom.

"Once access is gained, it is highly likely that both types of attacker will exploit facilities such as compromised email accounts, to further penetrate university systems."

The threat of state-sponsored espionage is particularly high for universities with world-leading research programs, according to the cyber security branch of GCHQ, and the damage of stolen data would extend to the UK's "larger national interest" and researchers who may lose the chance to 'publish first'.

Sensitive research, such as that related to the military, national defence and STEM, is among the most prized data that attackers would want to target. Losing this would likely be to the detriment of both the university and the UK as a whole, the NCSC said.

For example, the university could become less valuable to investors if their research is stolen through a cyber attack, which would mean funding may be cut to future research projects. The UK would also become more vulnerable if our enemies gain information about how we protect the country.

Phishing is one of the key concerns universities should address, according to the NCSC, as it's a common way attackers can steal log-in credentials from students and staff. It can also lead to the downloading of malware which can be designed to steal data once it has infected a machine connected to the university's network.

"While employees in corporate organisations may have received awareness training, many students won't have the same experience in identifying and reporting phishing attacks," said Jordan Wright, Duo security principal R&D engineer.

"Similarly, unless you're involved with the information security industry and can stay on top of the ever-evolving tactics attackers use, you're less likely to recognise the tell-tale signs of a phishing email."

In August 2018 researchers discovered myriad phishing attempts on western universities, including the UK's, that ultimately stemmed from Iranian nation-state attackers. They created fake log-in pages to which victims were sent through email and then stole their university log-in credentials, mainly for their library systems so they could steal intellectual property.

A previous Iranian attack spanning four years, foiled in 2018, saw hackers target 100,00 professors and ultimately make off with over 30 terabytes of academic data.

The NCSC advises universities to promote cyber security awareness among everyone on campus, as phishing attacks try to exploit human tendencies, but this can be particularly difficult for universities, which see a high turnover of staff and students.

Due to this high turnover, the security body also encouraged strict access controls to be put in place and the partitioning of the network, keeping high-value data in different places to make it less easily accessible for attackers.

Lastly, universities should consider their computer network design and deploy a central means of management. Universities enjoy the freedom of many private networks for specific departments and functions, but these can become difficult to manage and, if left vulnerable, provide attackers with an entry point to a network.
