As universities gear up for the start of the academic year at the end of the month, and many, including Cambridge, Bristol and Cardiff, committing to remote learning for the full academic year, it is vital that they do not lose sight of the security risks they’re facing.
In addition to the cyberattacks we’ve seen impact Northumbria and Newcastle Universities in the last week, the past few months have seen a sharp rise in Distributed Denial-of-Service (DDoS) targeting the education sector.
Commenting on the most recent targeting of Newcastle University with a sophisticated ransomware attack, Jérôme Robert, Director at Alsid, said:
“Seemingly timing these attacks to coincide with the start of the new school year probably serves a tripartite purpose. Universities are deeply focused on preparing for the start of the academic year in uniquely challenging conditions, which may make them more susceptible to cyberattacks because of the sheer volume of activity and the complexity involved in implementing large scale hybrid learning. Secondly the timing makes these attacks more disruptive and damaging when systems are taken offline and data is unavailable. And thirdly the attacks have probably reasoned that this means ransoms are more likely to be paid in the hope that systems and data can be brought back online as quickly as possible.
“It’s bad news for Newcastle University that the DoppelPaymer organisation has claimed responsibility for the attack because the group is known for being one of the hungrier ransomware operators meaning that it keenly pursues large ransom payments. The fact that Northumbria University was also thought to have been hit by a similar attack recently serves as a warning to all universities to be extra watchful now, as this pattern seems to indicate a concerted attempt by the attackers to target educational institutions at what they see as an opportune moment. Universities should make sure that all key patches and updates are installed, that they are carefully monitoring their network for signs of intrusion and that their Active Directory system is secure and being closely monitored - especially for signs of privileged user escalation or lateral movement. The Active Directory represents the keys to the castle in IT terms, so it pays to make sure it’s hardened and closely monitored to help prevent many different types of threats, including ransomware.”
With Northumbria’s incident resulting in restrictions against students entering campus, and Newcastle’s predicted to take weeks to sort out, it’s clear that the ramifications of cyberattacks in the education sector should not be underestimated.
New independent research from Juniper Networks shows that whilst it’s no surprise to anyone that IT security professionals are worried about security on their networks, the shock is just how challenging it has been for education institutions to secure them properly this year, and with so much sudden and unexpected change in 2020, these challenges have been amplified.
The study comprises insights from 1,000 senior IT networking and security leaders in organisations of 1,000+ employees across large organisations across education and other sectors between June and July.
Key Findings for the Education Sector
- 92% feel their network reliability and performance need to improve across their organisation. This problem seems to have been exacerbated by the COVID-19 pandemic, with 85% admitting their network and security sometimes struggle with the increased demands placed upon them. With educational institutions currently depending on networks more than ever for virtual learning, their entire service offering goes out the window if their network does.
- With network performance leaving a lot to be desired, 63% are spending the majority of their time simply ‘keeping the lights on’. And with resources spread so thin as a result, a staggering 85% think it’s likely that their organisation is in danger of not being able to keep up.
- Interestingly, there seems to be a disconnect between the challenges they are facing and what they’re planning to do to address these challenges. Despite their top priority for the next 12 months being improving IT security/efficiency (58%), teams are only spending 9.31% of their IT budget on security. And with 86% feeling that the COVID-19 pandemic may restrict existing plans to improve network security, this doesn’t look like it is going to improve any time soon. If plans to secure the network are hampered, educational institutions are in danger of putting their staff and students at risk.