University Of Sunderland Hit With Major Cyber Attack

BACKGROUND:

Following the news that the University of Sunderland has been hit by an apparent cyberattack, which has brought down its website, phones and IT systems, please see below comments from cybersecurity experts.

Subscribe
Notify of
guest

5 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Stephen Bradford
Stephen Bradford , SVP EMEA
InfoSec Expert
October 14, 2021 11:38 am

<p>A hybrid learning approach for many universities means that more than ever, students depend on the online world for education. But cyber threats pose a major risk to this – as we already see with the suspected attack on Sunderland University. In the space of a few minutes, threat actors had the power to bring down websites and IT systems down, causing unprecedented disruption. <u></u><u></u></p>
<p> As the new university term gets properly underway, it’s crucial educational institutions make sure they’re following best practices for cyber security. A common way for hackers to gain entry is through different user access points. With many new students starting at once and acquiring a range of logins, and many universities migrating to the cloud environment, higher education institutions need to be extra vigilant here. Identity security using AI and ML is critical for this, allowing users only as much access to services as they need – no more, no less. This means any potential vulnerabilities and unusual behaviour can be spotted early, reducing the chance of a breach occurring.</p>

Last edited 11 months ago by Stephen Bradford
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
October 14, 2021 11:28 am

<p>Universities remain soft target and especially at the start of the academic year when priorities may lie elsewhere. The combination of a lack of funding and resources, coinciding with a number of remote workers can create the perfect space for attackers to strike. If universities decide to pay ransom demands in order to restore their networks, the ransomware cycle continues to spin and more victims are created. Multiple attacks over recent years makes them more of a target and seemingly more vulnerable than other potential targets.  </p>
<p>However, protection doesn’t have to be time consuming or a financial burden. Implementing multi factor authentication or using a single sign-on solution to prevent the majority of phishing attacks – which remains the number one tactic for ransomware – can help mitigate the problem with relative ease.</p>

Last edited 11 months ago by Jake Moore
Steven Hope
Steven Hope , CEO and co-founder
InfoSec Expert
October 14, 2021 11:26 am

<p>Ever since the shift to remote learning, the education sector has been even more vulnerable to attack. Not only do they house an enormous amount of valuable and sensitive data on students and staff, the lack of cybersecurity and cybersecurity awareness makes it an attractive target to a threat actor looking for monetary gain. There isn’t enough cybersecurity training for those in the education sector, especially among students. While the cause of the incident is unknown, it is safe to say that unsecured and unmanaged accounts pose an easy entry to malicious actors, which can often be attributed to weak or reused passwords. Various studies show that many individuals reuse the same password for multiple accounts, meaning if a personal account is infiltrated, any bad actor can get easy access into a university/education account and wreak havoc from there. While a cyber attack can occur for many reasons, one thing students and workers in the education sector can do to improve their own and their organisation’s security is to implement adequate authentication/verification and manage their account passwords. At least this way they can shut one doorway onto the network and minimise the chance for easy access.</p>

Last edited 11 months ago by Steven Hope
Danny Lopez
Danny Lopez , CEO
InfoSec Expert
October 13, 2021 12:13 pm

<p dir=\"ltr\">Reports of universities being the victim of cyber attacks have become increasingly common over the last 18-months.  It’s concerning considering the extensive damage that can be caused in terms of lost data – for both students and staff – and access to vital educational services. The cyber attack will inevitably have a huge impact on productivity. Just as the new university term begins, students and staff have lost access to their campus network, which will undoubtedly affect teaching and access to study resources.  </p>
<p dir=\"ltr\">Educational institutions should adopt a ‘defence-in-depth’ approach to cybersecurity, as advised by the NCSC. This means using multiple layers of defence with several mitigations, which creates more opportunities to detect malware and prevent it from doing widespread harm to the institution. </p>
<p dir=\"ltr\">But even when all procedures and policies are well-executed, there\’s no escaping the fact that adversaries are constantly looking to probe vulnerabilities. Often this is as simple as inserting malware using documents and files shared in their hundreds everyday in an educational environment. It\’s vital these organisations invest in cyber protection services that stay ahead of attackers by eliminating the threats while still allowing all users to do their vital work.</p>
<p dir=\"ltr\">Attacks like these demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers, it is crucial to strengthen all processes relating to access verification. Without a zero-trust approach, organisations run the risk of attackers having a free reign across a network once they are inside.</p>

Last edited 11 months ago by Danny Lopez
George Patsis
InfoSec Expert
October 13, 2021 12:11 pm

<p>We have recently seen an increased effort from cybercriminals targeting universities because attackers understand that when systems are down and inaccessible, universities will be under pressure to get them back online as quickly as possible, even if it means giving in to cybercrime demands.</p>
<p>This has become even truer recently as more universities are offering remote learning to students. Not only has this increased attack avenues for cybercriminals, it has also put new pressure on university networks to be ‘always on’ so nothing can interrupt student studies. Attackers also understand that the consequences posed by attacks are far reaching and difficult to recover from, with a recent cyberattack on the neighbouring Newcastle University taking systems offline for many weeks.</p>
<p>As a result, addressing security concerns should be a number one priority for universities. However, budgetary constraints and skills shortages are two of the biggest hurdles universities face when it comes to protecting their networks. Many universities simply do not have the resources to manage the threats they are facing, while others don’t have budget to run an inhouse security operations centre.</p>
<p>One of the best ways to overcome these challenges is by working with security service providers who can take the burden of managing and remediating threats away from the university. This way universities can benefit from experts in the field of cyber, without putting pressure on internal resources.</p>

Last edited 11 months ago by George Patsis
Information Security Buzz
5
0
Would love your thoughts, please comment.x
()
x