Ransomware threat to unis | Professional Security

For some, meaningful investment in cyber security only comes after some breach or incident. Prevention is always better than – and cheaper than – a cure. Hence a plea by Jisc, the UK body that serves higher education with cyber and other services such as the Janet IT network, for all senior leaders to engage with cyber security.

Technical managers need the support of vice chancellors, principals and their board members, who ought to have oversight and take responsibility for cyber security as a strategic priority, says Dr John Chapman, Head of Janet policy and strategy, at Jisc. In a blog, he introduces Jisc’s cyber impact report first published in November 2020 and this month revised (32-page pdf on this link) and updated to include anonymised case studies of more recent incidents that underline the increased threat of ransomware attacks.

In the 18 months between reports, the main development has been the sustained increase in ransomware attacks, he writes: 15 further education (FE) and higher education (HE) organisations were impacted by ransomware in 2020, a further 18 in 2021, and at least three so far in 2022. More than 100 UK schools have also been affected.

Ransomware attacks have evolved with more threat actors applying ‘double extortion’ methods, demanding a ransom to provide a decryption key and threatening to make sensitive data public if the ransom isn’t paid. There have also been instances where attackers have sought out back-ups, to hamper recovery and apply further pressure.

Despite financial constraints, it’s not all bad news in the report; it hails leadership awareness of cyber attacks as increased tremendously over the last few years and particularly since the covid-19 pandemic (that as in other fields, brought cyber and IT more to the fore as staff and students worked and learned remotely, using tech that had to be secure). A mass migration to remote working inadvertently opened institutions to attack by implementing insecure remote access, the report says; though institutions did speed up the bringing in of MFA (multi-factor authentication) as a control.

Institutions are becoming more prepared, the report states. “However, our work has concluded…