Cyber Threat To University Networks

The University of Edinburgh was a victim of a Denial of Service attack, which happened on the first day of freshers’ week. It affected the university’s websites, online services and Wi-Fi networks. Following the attack, the website of Jisc, who provide digital solutions to UK education and research organisations, featured a blog post which explored how and when Denial of Service attacks impact universities.

The post observed that Denial of Service attacks were most frequent between 0800 and 1500, and dramatically less frequent during university holidays. The author noted that the timing could be indicative that staff and students were the key initiators of the attacks, while recognising that there was little benefit in disrupting an organisation during its quietest periods.

The annual slow-down in attacks, which occurs as universities enter their summer break began earlier this year. The author noted that this may have been due to law enforcement activity.

In April, the National Crime Agency (NCA) and Dutch partners took down webstresser.org as part of Operation Power OFF. The website had been a leading provider of Denial of Service attacks, with upwards of 4 million attacks being orchestrated through the site, for fees as low as £11.

While disruptive attacks cause the most visible difficulties for staff and students, intrusion and theft by state-sponsored groups and cyber criminals remain key threats to the sector.

In August, Dell Secureworks reported on a global campaign which targeted 76 universities in 14 countries. The campaign saw victims directed to spoofed versions of their university’s website, where their credentials could be stolen. Stolen credentials can enable theft of sensitive information, can be used to influence or deceive others, and are themselves a saleable commodity. The report attributed the campaign to a state-sponsored Iranian group.