British Universities Vulnerable To Credentials Fraud

Uploaded on 2023-06-29 in NEWS-Cybersecurity News, JOBS-Training, FREE TO VIEW

 A leading cyber security solutions company, Crossword, has published its analysis of online criminal markets detected by its Trillion risk monitoring platform, which concludes that UK universities are at high risk of major cyber security incidents launched using stolen credentials.  

The Trillion team discovered 2.2 million breached credentials available on the dark web for the top 100 British institutions, with 57% belonging to the 24 Russell Group Universities.

With over 2.41m staff and students at UK universities in the 21/22 academic year studying for degrees, including 679,000 students from outside the UK, the potential reach and impact of a breach is serious, placing personal information at risk and disrupting the studies of millions that have chosen the UK as the place to invest for their future.  

Research Facilities In The Crosshairs

The UK university sector is renowned for the quality of its research facilities, driving innovation across many sectors including healthcare and technology, as well as government funded programmes of national importance such as nuclear energy and defence. In particular, Crossword found that 54% of the breached credentials came from UK universities with research facilities.

Location & Size

The location and size of universities has an impact on the extent to which credentials have been breached, with London substantially at more risk, with 506,330 (20%) credentials breached, followed by the South East (334,251 – 13%) and Scotland (306,873 – 12%). Other key findings related to size and location include:

  • Top 30 universities are up to 50% more likely to have breached credentials than any other institution in the remaining top 100
  • London universities have more breached credentials (506,330) than Scotland, Wales and Northern Ireland combined (465,767)
  • Largest segment of breached credentials by university student population: 

o    More than 30,000 students - 38% had 20,000-30,000 breached credentials
o    20,000-30,000 students – 39% had 10,000-20,000 breached credentials
o    10,000-20,000 students – 38% had 10,000-20,000 breached credentials
o    5,000-10,000 students – 29% had 2,000-4,000 breached credentials.  

 These environments are amongst the most uniquely challenging to protect with overlapping requirements for secrecy and openness, so many attack paths need to be factored. Crossword's advice for all organisations, not just the education sector, is to include the proactive monitoring for stolen credentials, and a requirement for multi-factor authentication.

  • Use Two Factor Authentication (2FA) on user accounts - Using 2FA on internal systems is a good start. But this does not always protect you when working with external partners, such as law firms, expense portals etc, as their systems may not require it. So you should always remain vigilant.
  • Does single sign-on (SSO) protect us? Not really. If an attacker can obtain a valid password for your SSO application then they can use it for wider access. If they can access your email account then they can probably request password resets, which they can then carry out.
  • Resetting passwords is only a temporary fix - The problem goes away until one of your new passwords is leaked again by another site you are using. So you need to maintain an ongoing process of protection.
  • Have a policy that enforces complex passwords - The NCSC website has good guidance on choosing secure passwords. But remember your passwords still need to be unique for each website. And even a complex password, if it’s stolen from a 3rd party, can still be used against you.
  • Use a 3rd party tool to monitor for breaches – These tools can automatically monitor and track stolen credentials, alerting organisations and users to a breach.  Trillion also applies proprietary risk scoring algorithms to rapidly alert organisations to the presence of their user credentials on the Dark Web.

Commenting on the findings, Stuart Jubb, Group Managing Director at Crossword said: “UK universities and research facilities are among the most respected in the world, and protecting that reputation includes protecting the students, staff and information that is shared with them for research projects by government, the public and private sector, through effective cyber security practices.

You Might Also Read: 

Manchester University Hacked:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Email Impersonation Attacks Reach All-Time High
Twenty Million Scam Emails Reported In Britain »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

Join our experts as they give the insights you need to power your Security Information and Event Management (SIEM).

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

QinetiQ

QinetiQ

QinetiQ is one of the world's leading defence technology and security companies. Areas of activity include air, land, sea and space systems, weapons, robotics, C4ISR and cyber security.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Sliced Tech

Sliced Tech

Sliced Tech provides enterprise grade managed Cloud services, including Security-as-a-Services, aimed at meeting the needs of commercial and government clients from within Australia.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

MER Group

MER Group

MER Group is a world-leading integrator in the areas of communications and security. MER cyber solutions cover the entire range of cyber and intelligence related products and services.

Cryptshare

Cryptshare

Cryptshare is a communication solution that enables you to share e-mails and files of any size securely.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

Sixteenth Air Force (Air Forces Cyber)

Sixteenth Air Force (Air Forces Cyber)

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

CyberArmor

CyberArmor

Cyber Armor defend everyday IT and OT systems, from government agencies to critical infrastructure, from system integrators to small industries.

KSOC Labs

KSOC Labs

KSOC is an event-driven SaaS platform built to automatically remediate Kubernetes security risks.

Cydea

Cydea

Cydea are an optimistic cyber security consultancy of experts in security, data, technology and design that want to build a safer, more secure world where more things go right.

Ark Technology Consultants

Ark Technology Consultants

Ark Technology Consultants is a unique IT Services Firm which blends technology solutions with consultative insight around governance and process management.