Hackers have been targeting British Universities, stealing sensitive student and research data. Freedom of Information requests by The Times reveal 1,152 security breaches in the past year, including Oxford, Warwick, and UCL.
Experts say criminals are taking advantage of lax security by stealing research on missiles, medical advances, and stealth technology. One university said many more attempts had been thwarted, with up to 10,000 attacks each month. The attacks were traced to China and the Far East.
“Universities drive forward a lot of the research and development in the UK. Intellectual property takes years of know how and costs a lot. If someone can get that very quickly, that’s good for them. Certainly somebody might attack a university and then provide that information to a nation state,” said Carsten Maple, director of cyber-security research at Warwick University.
Maple said the defenses must be enhanced, echoing statements from GCHQ earlier this year. Following an attack on UK parliament, it stressed organization’s need for robust counter-measures.
However, British University networks present unique security difficulties, according to Cylance security head Dr. Anton Grashion.
“Their network environments are some of the most challenging networks to manage, with usually smaller security and staffing budgets,” he explained.
Identify Theft and Cyber-Physical Attacks
While the majority attacks have focused on research, hackers are also stealing student data. Detailed information on students and faculty can be used for identity theft, money laundering, or further attacks.
According to Darktrace director Dave Palmer, attackers have also targeted the medical records of university hospitals. Like the WannaCry attack on Britain’s NHS, attackers have employed ransomware, DDoS, and phishing techniques.
“What’s also increasing are cyber-physical attacks where our buildings are affected,” said Maple. “Heating, ventilation and management systems are connected to the internet. That’s especially worrying for places like the health service.”