A cyber-attack hit a university in Newcastle

A cyber-attack hit a university in Newcastle (Northumbria University) on Friday, which led to exams being cancelled and there have been operational disruptions across networks and IT systems.

  British colleges are a constant target for malicious actors. BEC scams, ransomware, disruptive attacks such as DDoS and research theft have all been factors in the wave of attacks we have seen over the last few years.

 In general, colleges and educational institutions are a common target for criminals, considering they are usually large sprawling organisations that are hard to administrate and secure. The service they provide is critical, which makes any downtime valuable. Most of the time, the precious data is on individual students’ laptops/desktops as well as university servers, and the monitoring of access and the massive challenge of stolen credentials pose real difficulties for IT departments.

 Therefore, to get to grips with the subject of cybersecurity, institutions need to engage cyber-resilience plans to protect their IT infrastructure and data regardless of the crisis. IT teams must properly audit all machines connected to their networks and the data they hold. Security awareness training should be implemented for staff and students from day one, ensuring that they are vigilant in scrutinising the types of emails they receive. This should be underpinned by cybersecurity technology such as email filtering, anti-virus protection, and sensible password policies.

 Kelvin Murray, Senior Threat Research Analyst at Webroot