Almost half of UK higher education institutions experience a cyber attack every week

On By Yukito

When you purchase through links in our articles, Future and its distribution partners may earn a commission.

Security attack. Security attack.

Source: Shutterstock / ozrimoz

The education sector continues to be plagued by malicious threats, with new research from Microsoft showing that almost half (43%) of UK higher education institutions experience weekly breaches or cyberattacks.

The company’s latest Cyber ​​Signals Report shows universities are top targets for malware, IoT vulnerabilities and phishing – with an average of 2,507 cyber attack attempts per week, according to the report.

This makes education the third most targeted industry, after manufacturing and retail.

High price

The report identified email systems and networks as a security vulnerability for universities because they offer wide scope for compromise. The need for constant communication both within and outside the school network leaves room for attacks by external users.

Because higher education institutions hold sensitive information about students and staff but don’t have huge cybersecurity budgets, they have become an attractive target for cybercriminals looking to extract data for ransom.

Recent research shows that schools and universities are paying higher ransoms than ever before, and more than two-thirds (67%) of higher education IT leaders report ending up paying more than hackers originally demanded.

“Educational institutions have a sense of responsibility to remain open and continue to serve their communities. These two factors may contribute to why victims feel so much pressure to pay,” said Chester Wiśniewski, director at Sophos.

Microsoft’s investigation also revealed nation-state actors targeting educational institutions. For example, Iranian state actors such as Peach Sandstorm and Mint Sandstorm have been observed using social engineering attacks.

“The types of threats we’re seeing, the types of events happening in higher education, are much more aggressive from cybercriminals,” commented Davis McMorries, chief information security officer at Oregon State University.

In particular, around 15,000 emails containing a malicious QR code attack the industry every day.

More with TechRadar Pro