INSUBCONTINENT EXCLUSIVE:
While cyberattacks against large businesses are often carried out by cybercriminals, new research from the government-funded agency Jisc has
discovered that staff or students could be responsible for cyber-attacks against colleges and universities.The agency examined the timing of
850 attacks that took place during the 2017-2018 academic year and identified a 'clear pattern' of attacks that occurred during term times
and during the working hours of educational institutions.Jisc found that the number and rate of attacks decreased significantly once the
holidays began which gives even more credibility to the idea that either students or disgruntled staff could be behind the cyberattacks on
colleges and universities.The timing and nature of the attacksGenerally it is quite difficult to identify individual cybercriminals but the
agency produced a report which showed that the attacks coincided with the times when students and staff were most likely to be present
The attacks increased from 8am or 9am and then tampered off during the early afternoon
There was also a sharp decline in attacks during the Christmas, Easter and summer breaks with the attacks beginning again once terms
resumed.During the academic year, more than 850 attacks were carried out against almost 190 universities and colleges which was up from 600
malware, ransomware and phishing attacks to steal sensitive data
Instead, they launched distributed denial of service (DDoS) attacks aimed at disrupting or even bringing down the institutions'
networks.Educational institutions are still on cybercriminals' radarData privacy expert at McAfee, Nigel Hawthorn explained that while these
attacks just aimed at disrupting networks, cybercriminals are still quite interested in the data held by educational institutions,
crucial that the security and education sectors work together to protect it
industries.Higher education organisations and others across the public sector are also facing up to how best to effectively and securely
manage their shift to the cloud, and the rapidly increasing number of cloud applications and environments which is making security much more
complex.Universities must first and foremost recognise the value of the data they protect, and therefore its appeal to cyber criminals
It is also crucial that security is built in from the outset with robust processes
This should incorporate the ability to detect threats as soon as they arise and, once targeted, correct systems quickly to minimise
