The UK’s National Cybersecurity Centre has issued an advisory which warns UK universities that “state espionage will continue to pose the most significant threat to the long-term health of both universities and the UK itself”, adding that there is a real possibility that “the threat will increase in-line with increased scrutiny of foreign direct investment and the minimizing of other avenues to gain insight and advantage,” TEISS reported.
Over 60 universities in the US, the UK and Australia are under attack by an expanded global #phishing campaign dubbed #CobaltDickens. via @ZDNet https://t.co/u7iDiVmQgX pic.twitter.com/EPQTZ6Alcd
— SonicWall (@SonicWall) September 11, 2019
Universities are a prime target for phishing because of their diverse user base, including students, faculty, governors and even parents. Universities hold a large amount of information such as sensitive Personally Identifiable Information (PII), payment details and valuable grant funded research all of which can prove to be valuable to motivated attackers.
Phishing was cited as one of the primary attack tactics in the report. While employees in corporate organisations may have received awareness training, many students won’t have the same experience in identifying and reporting phishing attacks. Similarly, unless you’re involved with the information security industry and can stay on top of the ever-evolving tactics attackers use, you’re less likely to recognise the tell-tale signs of a phishing email.
We have seen the effects that cyber-attacks can have on educational institutions, which is why it pays to make attackers lives as difficult as possible. The only way to do this is to implement security and defence tools that we already know work, like perimeter protection tools such as firewalls, network segmentation to contain any threat discovered as well as vulnerability assessment solutions. By getting the basics right, universities will be making it harder and costlier for attackers to be effective with their threats. Most times, a hacker’s function is to cause as much disruption as possible, so finding and patching known vulnerabilities, making sure critical systems are securely configured and monitoring your systems for abnormal changes, can go a long way to increasing your barrier of defence, especially as the threat of an attack from nation states increases.
Educational institutions are a notoriously ripe target for cybercriminals, first and foremost for the valuable intellectual property stored on their servers, but also for the wealth of information that universities collect about their students and staff. The warning issued by the NCSC goes to show that steps are being taken at a governmental level to prepare educational institutions for the eventuality of an attack, and that a risk assessment has been conducted.
Being aware of the potential threats is the first step of any successful cybersecurity strategy. Universities should make sure that their incident response plan and cybersecurity strategy is updated regularly, and that the most vulnerable attack vectors are protected. While certainly most institutions will have strong controls in place, it is paramount for them to also consider the human component of security, which can often make the difference between a malicious email ending up in the junk folder and a data breach. Training employees and students – and anyone that has access to the network – to the best practices of cyber hygiene can go a long way to prevent malicious actors making their way to critical information.