Cyber: A Bad Week for Universities

It’s been a bad 7 days for the world’s universities on the cyber front.

Last week, MacEwan University in Canada lost £7.5 million to a phishing attack at about the same time as a hacker stole the private details of 13,000 students at Australia’s North Metropolitan TAFE.  Then on Monday 5 September, The Times released a story about “Criminals launching hundreds of successful cyberattacks on British universities each year, targeting scientific, engineering and medical advances including research into missiles”.

Cyber attacks against universities are not a new phenomenon.  We’ve been tracking cyber security breaches at Higher Education institutions world-wide going back as far as 2002.  Whilst most breaches are crime related, other threat actors are also highly active in this area, in particular malicious insiders aiming to cause mischief, hacktivists with a political message to pursue and novice hackers out to make a name for themselves.

A much less frequently observed motive is industrial espionage by state sponsored attackers.  Although it has happened, it is, by the very nature of the sophisticated methods used, very hard to detect and even harder to attribute to a specific organisation or country.

However, it is a real threat to Universities and their intellectual property, and we have several examples.  In 2015 Iranian hackers tried to access the research of Israeli physicists and nuclear scientists at Haifa University, and Chinese hackers reportedly targeted military-related research at the National Defence University in Taiwan, and at the University of Virginia and Pennsylvania State in the USA.

It’s a threat that has been identified for several years.  As far back as April 2011, the US Federal Bureau of Investigation released a White Paper titled “Higher Education and National Security: The Targeting of Sensitive, Proprietary and Classified Information on Campuses of Higher Education”.  Although US centric, it warns very clearly that some foreign nations continually attempt to gain political, military, and economic advantages by stealing intellectual property from Western Universities.

One very good point made in the White Paper is the range of tactics that have been, and continue to be, used to gain access to this data.  In addition to the hacking attacks reported by The Times, the FBI noted that foreign organisations also frequently:

  • Utilize students or visiting professors to collect information;
  • Spot and recruit students or professors;
  • Send unsolicited email or invitations;
  • Send spies for language and cultural training and to establish credentials.

One of the many conclusions to be drawn is that there is no single defence mechanism which will protect Universities and their data.  One of our previous blogs, No Silver Bullets, whilst focused on defences against ransomware, is equally applicable to the espionage scenario.  Only a carefully designed and implemented defence in depth strategy can provide any degree of protection.

If you want to know more about cyber-attacks and data breaches at Universities or generally how to reduce your cyber risks, you can download more blogs from our website or email us at and we’ll be happy to chat.

Lawrie Abercrombie M.Inst.IISP is Technical Director at Arcanum IS Ltd, a specialist Cyber Risk Management Consultancy working with Businesses, Government and Defence Industry.

One of the few Lead Security & Information Risk Advisors certified by the UK’s National Cyber Security Centre, Lawrie originally learnt his trade commanding the British Army’s first Cyber Security team. Since then he has worked on multiple projects across the Commercial and Government sectors, including Academia, Maritime, Defence and Finance.