QAA Articles

Hackers breach UK university defences ‘within two hours’

Report discloses attack by North Korean and Iranian-sponsored criminals on UK higher education institutions

April 4, 2019

By Anna McKie

Twitter: @annamckie

Source: THE / Alamy

“Ethical” hackers were able to access high-value data within two hours at every single UK university that they tested for security using spear phishing techniques, according to a report.

The study, published jointly by sector technology body Jisc and the Higher Education Policy Institute, warns that universities’ computer systems are increasingly being attacked by state-sponsored hackers and criminals, and that institutions are struggling to keep up with threats.

It discloses details of two large-scale state-sponsored attacks that occurred in 2018 and targeted universities’ valuable and commercially sensitive research data: one in which Iranian hackers affiliated to a criminal organisation called the Mabna Institute targeted institutions in a campaign dubbed “Silent Librarian”, and another in which “Stolen Pencil”, a North Korean group, targeted individual academics with emails designed to trick them into downloading a malicious extension to the Chrome web browser.

Read more