Henry Seddon, VP EMEA at Duo Security:
“The findings reveal that universities – staff and students – make popular targets for these attacks, which leaves them vulnerable to all kinds of security risks. The challenge is that phishing attacks are increasingly sophisticated – a targeted spear phishing attack can be particularly difficult to spot – but they can ultimately compromise the security of the entire network. They open the doors to hackers, with stolen credentials, to access an organisation’s system virtually undetected, posing as an authorised user. Worryingly, phishing is now the most popular way of delivering ransomware onto an organisation’s network.
Universities need to be vigilant and practice good cyber security hygiene: security updates should be installed as soon as they are available as attacks delivered via phishing campaigns can specifically target out-of-date systems or unpatched software. Education is vital, so keep staff and students updated on the risks that phishing can pose – advising them not to click on any links or attachments that look suspicious“