Mark Sweeney, Regional Vice President, UK & Ireland, Citrix

There has been a sharp rise in the number of ransomware attacks on universities and higher education institutions since the beginning of the pandemic. In fact, one recent study claims the volume of attacks within this sector doubled in 2020, compared to 2019, with the average ransom standing at $447,000 (£328,134). Furthermore, according to the Cyber Security Breaches Survey 2021, by the Department for Digital, Culture, Media and Sport (DCMS), 91% of further education (FE) colleges surveyed said they had suffered a phishing attack over the past 12 months. Around a quarter (26%) of FE colleges admit they experience breaches or attacks at least once a week, which is on a par with the average business (27%).

Also in the last 30 days, Microsoft reports the education sector has encountered 5.6m malware attacks, making it as the most affected sector. To give some context, the second most impacted sector, which is business and professional services, reported just over 853,000 attacks in the same 30-day period. According to the World Economic Forum Global Risks Report 2020, cyberattacks rank first among global human-caused risks. Clearly, the threat level for the FE sector is particularly high, and while students continue to receive more and more of their learning online, the consequences are far-reaching. FE institutions need to give urgent priority to protecting themselves, their data, and their students from future attack.

Why is further education being targeted?

Fundamentally, cybercriminals are motivated by money and data: while most FE institutions may not be cash rich, they house a wealth of data that is perfect for extortion, blackmail or sabotage. In the case of universities particularly, research data and IP are often the primary target, and over the past year, COVID-19 research data has become an obvious motivator. For example, in February, one of the world’s top biology labs at Oxford University, undertaking valuable COVID-19 research, confirmed its systems had been compromised by attackers. Evidence suggested the bad actors had gained access to machines used to prepare biochemical samples, though the university refused to comment further on the scale of the breach. In the college sector, student data is also an attractive target, for identity theft.

In the wider FE sector, criminals are primarily looking to gain access to institution networks in order to use them as a springboard for other attacks, under the guise of being a trusted institution.

Another factor is that often we are dealing with reputationally motivated criminals, and if they can add a prestigious university to their list of exploits, this will enhance their standing or profile within the cybercrime community. Political motivation, competition, or international espionage can also be driving forces for nation states wanting to gain advantage over other countries, in matters such as the COVID-19 vaccination programme.

The high-performance computing (HPC) infrastructures of universities are also being targeted for bitcoin mining, which requires heavy computer calculations to verify transactions. As the currency’s value rises, so does its energy consumption, requiring large amounts of energy, and universities often have huge computational capability sitting idle and unmonitored, making them attractive targets. Last year, supercomputers across several European universities, including the University of Edinburgh, had to be shut down following an infection with cryptocurrency mining malware.

What makes FE institutions particularly vulnerable to attack?

Regretfully, universities and FE institutions are in a vulnerable position: not only are they attractive targets to cyber criminals, but additionally, they can be easy targets, lacking the resources required to properly secure their networks. Culturally, education establishments are set up to share and collaborate, and are trusting of the parties they do this with. Bad actors have taken advantage of this relaxed approach and collaborative culture. Additionally, universities were some of the first institutions to have internet access and so they’ve been targets for some time, meaning their security practices are well known to cyber criminals.

To compound the problem, many HE institutions are dealing with aging infrastructure, which is decentralised and controlled by many different departments, meaning that no one has overall control or visibility. Attackers also frequently target FE networks through their remote access systems such as remote desktop protocol (RDP) and virtual private networks (VPN), which can offer easy access points for their known vulnerabilities.

Many universities and colleges also fail to plan for an attack and overlook the importance of regular penetration (pen) and disaster recovery (DR) testing. If their systems are compromised, they have no way of restoring data, and their systems can be down for months, affecting students and their learning for quite some time; not to mention the reputational damage, financial damage, costly investigations, and loss of research funding, as well as unforeseen costs to rectify previously unknown security holes. In the FE sector, pen and DR testing are often overlooked due to a lack of resources, staff, and time, as organisations struggle to justify the cost amid other, more pressing priorities.

Large user churn is also a massive problem for education providers, with students leaving annually and new ones beginning. To compound the problem, the sector has a growing issue with BYOD policies, with thousands of students using their own devices to access the network, which the institution then has little or no control over. The risk is that a user opens a personal email using a webmail account, such as Gmail, which unleashes malicious software. This device could then fire up a VPN to access university services, potentially giving the malicious software access to the university’s network.

How can FE institutions ensure their data is secure?

While the risk of attack will remain, there are definite steps the FE sector can take to improve their cybersecurity measures and reduce the chances of falling victim to malicious attackers.

Introducing complex domain credentials and multi-factor authentication (MFA) across all user accounts is a good starting point, so if cyber criminals can breach login credentials, it's more difficult to exploit them for access around the network. Additionally, adopting a Least Privileged Access methodology is sensible, limiting users' access rights to only what they need to do their job or their course. Adopting a Zero Trust approach to security is also needed to ensure users and devices connected to the network are continuously challenged at all levels, along with Artificial Intelligence and Machine Learning anomaly detection. Zero Trust is a security concept based on the principle that organisations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.

Decoupling data and applications from the endpoint device and adopting a centralised delivery model for services is also necessary within FE. Institutions that have adopted a centralised delivery model have dramatically reduced their attack surface, accelerated security patching and simplified recovery capabilities. Also moving applications and data repositories to SaaS options where possible, which eliminates the reliance on VPN to access university hosted services and goes some way to solving the burgeoning BYOD issue. Looking further ahead, the uptake of Chromebooks, for example, to replace BYOD, could prove a far more secure method for FE, since there is no history to date of them being compromised.

Furthermore, it is critical that penetration and DR testing are prioritised and carried out regularly, to ensure a sufficient back-up plan is in place where data can be easily recovered in the event of a breach. From this, an effective Cyber Incident Response plan can also be created and communicated. Education is essential, and students and staff need to be made keenly aware of the dangers of phishing attacks, particularly via email and web pop-ups.

Ultimately, with the number of incidents affecting the education sector growing, it is no time to be complacent. Currently, a mere 0.3% of all reported cybercrime complaints are enforced and prosecuted, and so the onus is on FE to put sufficient deterrents in place and ensure that their data is safe. The FE space has undergone unprecedented change over the past 18 months as a result of the pandemic, but transformation must continue at the same pace. The threat level within education will only continue to grow, even once in-person teaching resumes in September, and so it is critical FE institutions do all that they can to avoid being an easy and attractive target.

Mark Sweeney, Regional Vice President, UK & Ireland, Citrix

You may also be interested in these articles:

Sponsored Video

Register, Login or Login with your Social Media account:


Upcoming FE Events

Advertiser Skyscrapers

Newsroom Activity

FE News: The Future of Education News Channel had a status update on Twitter yesterday

The Environmental Impacts of Remote Work: Stats and Benefits: Working from home is a necessity rather than a luxury…
View Original Tweet

Latest Education News

Further Education News

The FE News Channel gives you the latest education news and updates on emerging education strategies and the #FutureofEducation and the #FutureofWork.

Providing trustworthy and positive Further Education news and views since 2003, we are a digital news channel with a mixture of written word articles, podcasts and videos. Our specialisation is providing you with a mixture of the latest education news, our stance is always positive, sector building and sharing different perspectives and views from thought leaders, to provide you with a think tank of new ideas and solutions to bring the education sector together and come up with new innovative solutions and ideas.

FE News publish exclusive peer to peer thought leadership articles from our feature writers, as well as user generated content across our network of over 3000 Newsrooms, offering multiple sources of the latest education news across the Education and Employability sectors.

FE News also broadcast live events, podcasts with leading experts and thought leaders, webinars, video interviews and Further Education news bulletins so you receive the latest developments in Skills News and across the Apprenticeship, Further Education and Employability sectors.

Every week FE News has over 200 articles and new pieces of content per week. We are a news channel providing the latest Further Education News, giving insight from multiple sources on the latest education policy developments, latest strategies, through to our thought leaders who provide blue sky thinking strategy, best practice and innovation to help look into the future developments for education and the future of work.

In Jan 2021, FE News had over 173,000 unique visitors according to Google Analytics and over 200 new pieces of news content every week, from thought leadership articles, to the latest education news via written word, podcasts, video to press releases from across the sector, putting us in the top 2,000 websites in the UK.

We thought it would be helpful to explain how we tier our latest education news content and how you can get involved and understand how you can read the latest daily Further Education news and how we structure our FE Week of content:

Main Features

Our main features are exclusive and are thought leadership articles and blue sky thinking with experts writing peer to peer news articles about the future of education and the future of work. The focus is solution led thought leadership, sharing best practice, innovation and emerging strategy. These are often articles about the future of education and the future of work, they often then create future education news articles. We limit our main features to a maximum of 20 per week, as they are often about new concepts and new thought processes. Our main features are also exclusive articles responding to the latest education news, maybe an insight from an expert into a policy announcement or response to an education think tank report or a white paper.

FE Voices

FE Voices was originally set up as a section on FE News to give a voice back to the sector. As we now have over 3,000 newsrooms and contributors, FE Voices are usually thought leadership articles, they don’t necessarily have to be exclusive, but usually are, they are slightly shorter than Main Features. FE Voices can include more mixed media with the Further Education News articles, such as embedded podcasts and videos. Our sector response articles asking for different comments and opinions to education policy announcements or responding to a report of white paper are usually held in the FE Voices section. If we have a live podcast in an evening or a radio show such as SkillsWorldLive radio show, the next morning we place the FE podcast recording in the FE Voices section.

Sector News

In sector news we have a blend of content from Press Releases, education resources, reports, education research, white papers from a range of contributors. We have a lot of positive education news articles from colleges, awarding organisations and Apprenticeship Training Providers, press releases from DfE to Think Tanks giving the overview of a report, through to helpful resources to help you with delivering education strategies to your learners and students.


We have a range of education podcasts on FE News, from hour long full production FE podcasts such as SkillsWorldLive in conjunction with the Federation of Awarding Bodies, to weekly podcasts from experts and thought leaders, providing advice and guidance to leaders. FE News also record podcasts at conferences and events, giving you one on one podcasts with education and skills experts on the latest strategies and developments.

We have over 150 education podcasts on FE News, ranging from EdTech podcasts with experts discussing Education 4.0 and how technology is complimenting and transforming education, to podcasts with experts discussing education research, the future of work, how to develop skills systems for jobs of the future to interviews with the Apprenticeship and Skills Minister.

We record our own exclusive FE News podcasts, work in conjunction with sector partners such as FAB to create weekly podcasts and daily education podcasts, through to working with sector leaders creating exclusive education news podcasts.

Education Video Interviews

FE News have over 700 FE Video interviews and have been recording education video interviews with experts for over 12 years. These are usually vox pop video interviews with experts across education and work, discussing blue sky thinking ideas and views about the future of education and work.


FE News has a free events calendar to check out the latest conferences, webinars and events to keep up to date with the latest education news and strategies.

FE Newsrooms

The FE Newsroom is home to your content if you are a FE News contributor. It also help the audience develop relationship with either you as an individual or your organisation as they can click through and ‘box set’ consume all of your previous thought leadership articles, latest education news press releases, videos and education podcasts.

Do you want to contribute, share your ideas or vision or share a press release?

If you want to write a thought leadership article, share your ideas and vision for the future of education or the future of work, write a press release sharing the latest education news or contribute to a podcast, first of all you need to set up a FE Newsroom login (which is free): once the team have approved your newsroom (all content, newsrooms are all approved by a member of the FE News team- no robots are used in this process!), you can then start adding content (again all articles, videos and podcasts are all approved by the FE News editorial team before they go live on FE News). As all newsrooms and content are approved by the FE News team, there will be a slight delay on the team being able to review and approve content.

 RSS IconRSS Feed Selection Page