Academic Sector Warned Of Cyber Threat By NCSC

The education sector is being warned by the UK’s National Cyber Security Centre (NCSC), a part of GCHQ, of the scale of online threats being faced by schools and universities.

The NCSC said that it had issued an alert to the academic sector following a spate of ransomware attacks against UK schools, colleges and universities.

The NCSC said there had been a rise in ransomware attacks in August, as cyber criminals turn their attention to a sector focused on the return of students.

NCSC guidance

The NCSC issued its alert because it feels the spate of online attacks has the potential to de-rail educational preparations for the new term.

The NCSC alert also contained a number of steps universities and schools can take to keep cyber criminals out of their networks.

It said it had dealt with several ransomware attacks against education establishments in August, which caused varying levels of disruption, depending on the level of security establishments had in place.

“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible,” said Paul Chichester, director of operations at the NCSC.

“While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted,” said Chichester.

“We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves,” Chichester concluded.

Remote learning

At least one security expert has noted the cyber challenge being faced by academia, trying to contend with the Coronavirus pandemic and the need for remote learning.

“Schools and universities are culturally places of open collaboration, sharing ideas, and innovation,” explained Dave Palmer, director of technology at Darktrace.

“This is a challenge to secure, particularly when the physical wall around these networks has dissolved in the global transition to remote learning,” said Palmer.

“Facilitating remote learning has resulted in a widespread adoption of new collaboration tools – meaning new data movements and new holes in security defences,” Palmer added. “Cyber-criminals are opportunistic and have taken advantage of this shift, disrupting and extorting schools with fast-moving ransomware that infects their digital systems in a matter of seconds. At a time when schools cannot afford any disruption to learning, hackers know they are more likely to pay the ransom.”

“A growing number of schools and universities are tackling this challenge head-on, investing in artificial intelligence to keep pace with fast-evolving changes in their digital systems, and using AI to interrupt fast-moving attacks like ransomware,” Palmer concluded.

Vulnerable sector

Another expert noted that the education market has been a vulnerable sector for a while now.

“It’s not surprising that the NCSC is trying to raise awareness around security in education,” said Jamie Akhtar, CEO and co-founder of CyberSmart (cybersmart.co.uk). “Cyber criminals are opportunists and they will target any industry they sense is distracted by other obligations.”

“In May 2020, Microsoft Security Intelligence found that 61 percent of nearly 7.7 million enterprise malware encounters came from those in the education sector, making it the industry most affected by the increase in breaches during lockdown,” said Akhtar. “But long before Covid, education has been one of the most vulnerable industries.”

“The shift to online and distance learning and the vast amount of personal data held by schools, coupled with a lack of IT resources for protection has meant that the education sector is ripe for attack,” Akhtar warned. “Last year, a hacker-simulation test proved 100 percent successful in breaching 50 universities across the country to access student and staff personal data, financial systems and valuable research networks.”

“It’s no surprise that this year the UK government made Cyber Essentials, its security certification scheme that covers the fundamentals of cyber hygiene, a requirement for state funding for educational institutions working with the Educational and Skills Funding Agency,” Akhtar concluded. “Following the fundamental rules of cyber hygiene like strong password protection, up-to-date software, and enabled firewalls can go a long way in preventing breaches.”