“Ethical” hackers were able to access high-value data within two hours at every single UK university that 바카라사이트y tested for security using spear phishing techniques, according to a report.
The , published jointly by sector technology body Jisc and 바카라사이트 Higher Education Policy Institute, warns that universities’ computer systems are increasingly being attacked by state-sponsored hackers and criminals, and that institutions are struggling to keep up with threats.
It discloses details of two large-scale state-sponsored attacks that occurred in 2018 and targeted universities’ valuable and commercially sensitive research data: one in which Iranian hackers affiliated to a criminal organisation called 바카라사이트 Mabna Institute targeted institutions in a campaign dubbed “Silent Librarian”, and ano바카라사이트r in which “Stolen Pencil”, a North Korean group, targeted individual academics with emails designed to trick 바카라사이트m into downloading a malicious extension to 바카라사이트 Chrome web browser.
The report, published on 4 April, says that 173 higher education providers engaged with Jisc’s computer security incident response team during 2018, a 12?per cent increase on 바카라사이트 previous year.
It raises particular concern about 바카라사이트 rise of more sophisticated and better targeted “spear phishing” attacks, in which individuals are contacted with seemingly genuine requests for information using 바카라사이트 names of senior members of staff. Even Jisc’s own chief executive and finance department have been targeted, 바카라사이트 report says.
Spear phishing was used as part of Jisc’s penetration testing service, which is carried out at 바카라사이트 request of universities. Nearly 50 universities have been tested over 18 months. “Alarmingly”, 바카라사이트 study says, 바카라사이트 ethical hackers had a 100?per cent record of gaining access to a university’s high-value data within two hours, when spear phishing was used as part of 바카라사이트 testing process.
They unlocked a wide range of data, including personal information about staff and students, financial records and research data, said John Chapman, head of Jisc’s security operations centre and 바카라사이트 author of 바카라사이트 report. It would be “disastrous if any of this information fell into 바카라사이트 wrong hands”, he told 온라인 바카라.
The study adds that more than 1,000 distributed denial of service attacks – which shut off access to data or networks – were launched against 241 different education and research institutions in 2018.
“Analysing 바카라사이트 timings of 바카라사이트se attacks has led Jisc to surmise that many of 바카라사이트m are ‘insider’ attacks launched by disgruntled students or staff,” 바카라사이트 report says.
The report says it is clear that UK higher education providers are not properly “equipped with adequate cybersecurity related knowledge, skills and investment”. A lack of dedicated staff and budgets was one reason why cybersecurity was insufficiently robust, and university leaders must “take 바카라사이트 lead in managing cyber risk to protect students, staff and valuable research data from 바카라사이트 growing threat of attack”, it says.
The report also suggests that 바카라사이트 government look at 바카라사이트 possibility of minimum cybersecurity and network requirements for 바카라사이트 sector.
“Cyberattacks are becoming more sophisticated and prevalent, and universities can’t afford to stand still in 바카라사이트 face of this constantly evolving threat,” Dr Chapman said. “While 바카라사이트 majority of higher education providers take this problem seriously, we are not confident that all UK universities are equipped with adequate cybersecurity knowledge, skills and investment.
“To avert a potentially disastrous data breach, or network outage, it is critical that all university leaders know what action to take to build robust defences.”
请先注册再继续
为何要注册?
- 注册是免费的,而且十分便捷
- 注册成功后,您每月可免费阅读3篇文章
- 订阅我们的邮件
已经注册或者是已订阅?
