British University Data Breaches Are A Lesson For All

Data breaches have been back in the headlines recently after hackers found a way to break into the Progress Software MOVEit transfer tool. The hack was predicted to give hackers the personal details of over 100,000 employees of some of the world’s best known organisations, through no fault of their own.

Sadly, this episode has been another example of the risk posed by supply chain attacks, where a hacker attacks a third-party provider with the aim of causing disruption, or of gaining access to the systems of another company in the supply chain in order to impact them directly.

This can be done by encrypting their data, as was experienced with the NHS data breach, which affected the entire country by compromising the personal data of over a million patients and caused operational systems to be taken offline.

Higher Education’s Higher Risk

These attacks should not be viewed as only impacting large enterprises or suppliers to those organisations. Our own research of online criminal markets has found that UK universities are at high risk of major cyber security incidents being launched using breached login credentials.  Our Trillion team discovered 2.2 million breached credentials available on the dark web for the top 100 UK institutions, with 57% belonging to the 24 Russell Group Universities.  The University of Manchester found itself in the news previously over emails threatening a data breach, and is working with the ICO to investigate. It won’t be the last.

To put these figures in perspective, there were over 2.41m staff and students at UK universities in the 21/22 academic year (HESA student and staff records) studying for degrees, including 679,000 students from outside the UK. The potential reach and impact of a breach is serious, placing personal information at risk and disrupting the studies of millions that have chosen the UK as the place to invest for their future.

It's Not Just The Students At Risk

It would be easy to think that this is just a risk for the students and staff whose details have been breached.  However, the UK university sector is renowned for the quality of its research facilities, driving innovation across many sectors including healthcare and technology, as well as government funded programmes of national importance such as nuclear energy and defence.  Considering the following figure through that lens is more worrying – 54% of the breached credentials we found came from UK universities with research facilities.

UK universities and research facilities are among the most respected in the world, and protecting that reputation includes protecting the students, staff and the information shared with them for research projects by government, the public and the private sector, through effective cyber security practices.

The challenge for the sector is that higher education environments are amongst the most difficult to protect, with overlapping requirements for secrecy and openness, so many attack paths need to be factored in.

A Lesson For All, Not Just Higher Education

There are best practices that every higher education institute should employ, but they are not unique to that sector. And regardless of those processes every organisation should be proactively monitoring for stolen credentials, as these could be revealed through a third party breach somewhere else in the supply chain, or through a service that a member of staff uses in their personal life.

Every organisation should consider whether it has strong enough policies and processes in place in the following areas:

  • Use Two Factor Authentication (2FA) on user accounts - Using 2FA on internal systems is a good start. But this does not always protect you when working with external partners, such as law firms, expense portals etc., as their systems may not require it. So you should always remain vigilant.
  • Does single sign-on (SSO) protect us? Not really. If an attacker can obtain a valid password for your SSO application then they can use it for wider access. If they can access your email account then they can probably request password resets, which they can then carry out.
  • Resetting passwords is only a temporary fix - The problem goes away until one of your new passwords is leaked again by another site you are using. So you need to maintain an ongoing process of protection.
  • Have a policy that enforces complex passwords - The NCSC website has good guidance on choosing secure passwords. But remember your passwords still need to be unique for each website. And even a complex password, if it’s stolen from a third party, can still be used against you.

It is impossible to be 100% secure, and that should always be the mindset, but by putting in place the systems and processes outlined above, all organisations can go a long way to protecting their staff, students, partners and supply chains from becoming victims of a data breach that could have far reaching consequences.

Stuart Jubb is UK Group Managing Director at Crossword Cybersecurity
