A few weeks ago Newcastle Uni was hit with a devastating ransomware attack poaching data from new students, teachers and other faculty members. The Cybercriminal group behind the attack known as DoppelPaymer have posted some of the stolen files online and are threatening to release more unless a ransom payment is made. In the same week, Northumbria Uni was hit with a similar attack on their systems highlighting the danger the education sector is under as they become a larger target for cybercriminals.
It is unknown if the Uni plans to pay the ransom fee to prevent all their staff and students' personal data being leaked online. However, the university spokesperson has declared that the uni is continuing to investigate the full impact of the cyber attack with the help of local law enforcement. As it appears the education sector is becoming a high-value target for cybercriminal groups the National Cyber Security Centre issued a warning to the entire academic sector including steps that should be taken to ensure network security.
A spokesperson for the Department for Education said: “We understand that cyber attacks on universities are disruptive for students and staff. That is why we regularly work closely with the NCSC with other government departments, agencies, and industry cyber specialists to continuously improve our understanding of cyberattacks in the education sector."
Over the past few years, the education sector has seen a significant increase in the frequency, sophistication and overall cost of cyber attacks. From 2018-2019 there was a 192% increase in cyberattacks with an average of 40 attacks per institution and these numbers will only continue to rise. With the recent Covid pandemic flaws in cybersecurity have been highlighted even more as it became increasingly difficult to make improvements to security systems leaving institutions increasingly vulnerable. As education institutions hold masses of highly sensitive data on not only students but teachers including name, address, DOB, payment details, ID's, health record and much more. If all this data fell into the wrong hands then thousands of people could be exploited.
Even though improving the quality of cyber defences should be a main priority, almost all successful cyberattacks require human interaction. This is why education industries should be regularly training their staff and students on avoiding malicious attacks and how they can defend against it.
For more information on how to avoid cyberattacks message our expert team at firstname.lastname@example.org.