The Student Loans Company (SLC) sustained nearly one million cyber attacks in the last financial year, including one successful 'cryptojacking' malware attack.
The government-owned loans and grants body for universities and colleges suffered an attempted 965,639 cyber attacks during 2017/18, according to a Freedom of Information (FOI) request made by the Parliament Street think tank.
This was in addition to 323 attempted malware attacks, and 235 malicious calls or emails during 2017/18, all of which were unsuccessful.
The one successful cyber attack saw the domain slc.co.uk inflected with Monero cryptocurrency mining malware via a third-party plugin.
This was considered a third-party incident given the website is hosted by a third-party supplier. SLC said the website only hosts publicly-available material, so no customer data was involved.
Parliament Street asked the SLC for details surrounding attempted cyber attacks during the last three financial years, broken down by year, and the type of attack. The attacks were categorised by malware, denial-of-service, malicious calls/emails and cyber attacks.
The figures also show the SLC has become a far more attractive target for cyber criminals in a short space of time. In 2015/16, the organisation sustained just three attempted cyber attacks, and only 95 the following year.
This is not a surprise considering the body holds a loan book worth 117.8 billion, according to its 2017/18 annual report, and holds data on 8.1 million registered customers, much of it highly sensitive and financial in nature.
An SLC spokesperson lamented the soaring number of cyber attacks, suggesting "they have become a part of life".
"Firstly we'd stress that malicious online activity affects every organisation and individual," the spokesperson told IT Pro.
"It is also necessary to put in context that 99.9 % of the "attempts" recorded in 17/18 present an extremely low level of threat. The apparent increase in 17/18 figures is largely due to changes in the way security incidents are recorded.
"It is also worth stressing that, while we remain permanently aware and vigilant, every one of these attempts was detected and prevented at an early stage, with no violation of systems or data security.
"Cyber security will always remain a top priority for SLC and we continue to invest in the technical expertise and resources required to keep information safe."
The number of attempted cyber attacks for 2017/18 is significantly higher than usual, according to the SLC, because the figures recorded contained the number of blocks at the security perimeter. Of the near-million attempts, 127 were not blocked and run as incidents, with the only successful attack the Monero 'cryptojacking' infection.
"The sharp rise in cyber attacks is a trend we are seeing in all areas of the public sector, particularly following the WannaCry attack on the NHS in 2017," said Parliament Street CEO Patrick Sullivan.
"It's more important than ever that organisations such as The SLC protects the confidential financial information it holds from third-party attacks, but investing in encryption and cyber initiatives."
Imperva's senior vice president Terry Ray added it was unsurprising the SLC has found itself with a target on its back, given the sort of data it handles.
"It's no surprise that cybercriminals are relentlessly targeting the personal financial details of students, putting the wellbeing of tens of thousands of individuals at risk," he said.
"Tackling this problem means investing heavily in the latest cybersecurity measures, to keep hackers out and limit the risk of a major data breach."
