A test carried out by ethical hackers against the cyber defenses of 50 universities found that they can cripple the defense and exfiltrate sensitive data within two hours.
The penetration testing conducted ethical hackers” working for Jisc, who provides internet services for universities in the UK. They stimulated attack on universities and them able to access the personal data, finance systems, and research networks.
They are able to reach student and staff personal information, override financial systems and access research databases within two hours and in some cases within an hour.
In the test attack, they used the spear-phishing technique to drop malware into their system through a phishing email.
John Chapman, head of Jisc’s security operations center told that “we are not confident that all UK universities are equipped with adequate cyber-security knowledge, skills and investment”, told BBC.
Universities and colleges are among the risk group that is mostly affected by the frequent cyber attacks, the attackers may be members of the university staff or students.
The universities and colleges hold a lot of information regarding intellectual property and various researches which may be interesting from the commercial point of view.
Cyber attacks are done for different reasons and in the end, there are different benefits.
UK universities and research centers reported more than 1,000 attempts last year to steal data or disrupt services.
The attacks on universities are often linked to the academic calendar of the educational institutions so that their consequences can bring real damage.