NCSC warns of ransomware attacks against UK universities – experts reaction

Today, the NCSC has issued an alert on ransomware attacks against the UK education sector. Cybersecurity experts reacted below.


EXPERTS COMMENTS
Carl Leonard, Principal Security Analyst,  Forcepoint
September 18, 2020
The traditional rules-based approach to security is far too reactive and slow to respond to changes in this kind of environment.
The past few months have seen an array of organisations come under some high profile cyberattacks – malicious actors know the public and private sector alike is more reliant on digital capabilities than ever before, and so they’re taking full advantage to profit wherever they can. What’s more, a malicious insider would also recognise that their organisation is being presented with challenges ....
[Read More >>]
Joseph Carson, Chief Security Scientist & Advisory CISO,  Thycotic
September 18, 2020
We need to ensure our future generations have sufficient cybersecurity awareness training and security solutions.
The challenge with educational institutions is they operate with a high retention - meaning that students come and go - so maintaining cybersecurity is a huge challenge and means that these establishments must adopt a strong identity and access management with a solid privilege access management solution. Many students connect their personal devices to the education’s networks and, with almost n ....
[Read More >>]
David Hartley, Technical Director,  F-Secure
September 18, 2020
We're not impenetrable but we can put up a fight.
Over the past 5 years or so since the inception of CBEST, which served as a catalyst for industries and sectors looking to subject themselves to resilience assurance activities, F-Secure’s Red Team has been able to successfully realise CNE (Computer Network Exploitation), facilitating recon and espionage, as well as CNA (Computer Network Attack). This allowed us to cause damage, destroy, or disr ....
[Read More >>]
Jamie Akhtar, CEO and Co-founder,  CyberSmart
September 18, 2020
Follow the fundamental rules of cyber hygiene like strong password protection, up-to-date software, and enable firewalls to prevent breaches.
It's not surprising that the NCSC is trying to raise awareness around security in education. Cybercriminals are opportunists and they will target any industry they sense is distracted by other obligations. In May 2020, Microsoft Security Intelligence found that 61 percent of nearly 7.7 million enterprise malware encounters came from those in the education sector, making it the industry most affect ....
[Read More >>]
Stuart Sharp, VP of Solution Engineering,  OneLogin
September 18, 2020
Security awareness training is also key in preventing employees and students from falling for phishing attacks.
The education sector is no different from any other industry, COVID-19 has accelerated its digital transformation programs. Accompanying this is a rise in ransomware attacks as we’ve seen in recent headlines. Fortunately, securing such institutions from an attack largely comes down to cyber hygiene - steps that have been laid out by the NCSC. Chief among them is the implementation of multi-facto ....
[Read More >>]
Ashish Gupta, CEO,  Bugcrowd
September 18, 2020
Failing to ensure security at the scale needed will grant attackers access to large quantities of student and even teacher information.
Vulnerabilities exist in every platform, including Learning Management Systems (LMS) used by schools to enable remote learning. However, with the speed schools have been pushed to enable widespread remote learning, there is an even greater chance that their developers inadvertently create or are completely unaware of severe flaws adversaries can exploit to launch devastating attacks. This speci ....
[Read More >>]
Jake Moore, Cybersecurity Specialist,  ESET
September 18, 2020
Data security must remain the highest priority for businesses who have remote workers.
As increasing numbers of both staff and students log in from home, remote users must be reminded of the potentially catastrophic dangers of phishing emails. Everyone should treat attachments and links with the utmost caution, but this is especially important when out of the more secure office environment. Data security must remain the highest priority for businesses who have remote workers – or, ....
[Read More >>]
Tim Sadler, CEO,  Tessian
September 18, 2020
While DMARC is a necessary first step to preventing domain impersonation, it has its downfalls and hackers will find ways around it.
It’s important to remember ransomware attacks are often delivered via phishing emails, so it’s concerning to see that nearly all of the top 20 UK universities do not have DMARC policies in place to protect their domains from being spoofed by scammers. We have seen hackers capitalise on key moments throughout the pandemic using phishing attacks, so it’s likely they will use this ‘back to sc ....
[Read More >>]
Chris Boyd, Lead Malware Intelligence Analyst,  Malwarebytes
September 18, 2020
All students should keep up to date with the latest best practice guidance issued by their university and help to keep everyone secure.
One major problem faced by universities is that while they can bolster their own defenses, it could be a bridge too far to secure all of their students studying remotely. If attackers find campus networks too difficult to breach, they'll likely turn attention to students who could still end up providing another route past security protocols. We'd urge all students to keep up to date with the lates ....
[Read More >>]
Mark Nicholls, CTO,  Redsca
September 18, 2020
The cost of failing to protect scientific research is immeasurable.
UK universities are among the most well-respected learning and research centers globally, yet our analysis highlights inconsistencies in the approach institutions are taking to protect their staff, students, and intellectual property against the latest cyber threats. The fact that such a large number of universities don’t deliver cybersecurity training to staff and students, nor commission in ....
[Read More >>]
Andy Warren, UK&I Director,  Veritas Technologies
September 18, 2020
Breaches can do some serious, long-lasting damage.
2020 has shown us that when it comes to ransomware attacks, it is a matter of if, not when. With many students relying on virtual lectures, downtime caused by ransomware will have a massive impact on their education and on Universities ability to provide the services they charge for. And this is to say nothing about data compliance. Breaches can do some serious, long-lasting damage. The best de ....
[Read More >>]
Matt Aldridge, Principal Solutions Architect ,  Webroot
September 17, 2020
Educational institutions need to ensure they are not the low hanging fruit that makes easy pickings for cybercriminals.
It’s unsurprising that education institutions continue to be targets for cybercriminals, especially considering they can be large sprawling organisations that are hard to administer and secure. Balancing resources between their mission of educating their students and the need for cybersecurity is an ongoing challenge. For cybercriminals, now is the perfect time to cause disruption as students ....
[Read More >>]
Jamie Collier, Intelligence Analyst,  Mandiant Threat Intelligence
September 17, 2020
Ransomware groups are increasing and diversifying.
The influx of attacks against universities at the beginning of term is indicative of threat actors' ultimate aim with ransomware attacks - to maximise leverage and increase the chance of being paid. Sometimes leverage means compromising particularly sensitive data, or a particularly critical system, but sometimes it just comes down to timing. The start of term is a critical time for universities t ....
[Read More >>]
Andy Swift, Head of Offensive Security,  Six Degrees
September 17, 2020
Understand where the cyber security risks are and align postures accordingly
Although disappointing, cybercriminals' focus on the education sector is hardly a surprise. Many schools, colleges and universities that have pivoted from classrooms to online learning have focused on deploying supporting technologies without giving due diligence to the cyber security risks they have introduced. Cybercriminals know this, and the successful ransomware attacks they have launched to ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article