37 C
Saturday, May 15, 2021

Hackers targeting UK education sector, warn nodal cyber agency

Since August this year, the NCSC has been investigating an increased number of ransomware attacks affecting education establishments in the UK

- Advertisement -

Cracking Cyer and Online frauds a headache for Delhi cyber cellLondon, Sep 18 (IANS) The UKs nodel cyber agency on Thursday warned that cyber criminals are increasingly targeting universities with ransomware attacks and there has been a trend for cyber criminals to threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid.

In July, hackers compromised student and alumni data at least eight universities in the UK and Canada including University of York, University College, Oxford, University of Leeds and University of London via a massive attack on a US-based software provider called Blackbaud.

The UK’s National Cyber Security Centre (NCSC) said in the latest update that the targeted ransomware attacks on the UK education sector by cyber criminals are on the rise.

“This alert details recent trends observed in ransomware attacks on the UK education sector. It also provides mitigation advice to help protect this sector from attack,” NCSC said.

READ ALSO:  New measures to help economy grow in coming months: CII

Since August this year, the NCSC has been investigating an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities.

“There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via ‘name and shame’ websites on the darknet”.

The NCSC observed that Remote Desktop Protocol (RDP) is one of the main protocols used for remote desktop sessions, enabling employees to access their office desktop computers or servers from another device over the internet.

Insecure RDP configurations are frequently used by ransomware attackers to gain initial access to victims’ devices.

READ ALSO:  India exports 11mn smartphones in Jan-Sep period: Report
READ ALSO:  Apple can make 2020 its strongest year in India

“Often, the attacker has previous knowledge of user credentials, through phishing attacks, from data breaches, and credential harvesting. User credentials have also been discovered through brute force attacks because of ineffective password policies,” the agency said.

The July hack involved data of former students, staff, existing students and other supporters. In some cases, the stolen data included phone numbers, donation history and events attended.

“Recently, attackers have also been seen to sabotage backup or auditing devices to make recovery more difficult, encrypt entire virtual servers, use scripting environments (PowerShell) to easily deploy tooling or ransomware,” the NCSC said.

The NCSC recommended that organisations implement a ‘defence in depth’ strategy to defend against malware and ransomware attacks.

Source: IANS

India Updates
India Updates is an independent news & Information website. Follow us for regular updates on News and Information.

Follow Us On

Related News


Please enter your comment!
Please enter your name here

Trending Topics In India

Covid 19 India Updates

Trending News In India

Trending Showbiz

Trending Sports

Latest Trending News In India