Universities and colleges are being warned of a rising number of cyber attacks that could threaten the start of term.
The alert from the National Cyber Security Centre (NCSC) follows an investigation into a recent spate of attacks on colleges and universities around the country, including ransomware attacks that disrupted Newcastle and Northumbria universities at the start of September.
The NCSC is recommending that organisations implement a 'defence in depth' strategy to protect against the threat of malware. This approach recommends the use of a layered system of security measures with multiple defence mechanisms ready to step in if one is compromised.
Organisations are also being advised to implement an incident response plan, which should include a scenario for a ransomware attack that has been fully exercised.
"This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible," said Paul Chichester, director of operations at the NCSC.
"While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted."
RELATED RESOURCE
2020 email security strategy guide
A people-centric approach to stopping malware, phishing, and email fraud
The NCSC's investigation began in August, shortly after cloud service provider Blackbaud notified its customers that it had been hit by ransomware, a clientele that is mostly made up of non-profit organisations and education providers. A number of universities and colleges were reported to have lost data in the attack.
At the start of September, Northumbria University was forced to cancel exams and shut down its clearing hotline after a cyber attack. This was swiftly followed by a similar incident at Newcastle University, which forced a number of online support services offline.
Ahead of the new academic year, with students returning to universities and colleges under social distancing measures, the NCSC has issued a set of security recommendations. These include an effective vulnerability management and patching procedure, the use of multi-factor authentication, the scrapping of scripting environments and macros, and the installation of antivirus software to prevent phishing.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
