What does the report say?
The report asserts that the primary threats to UK universities in the cyberworld are for financial gain and stealing intellectual data.
“Universities are key contributors to the economy, skills development and innovation in the UK. In doing this, they handle personal and research data, intellectual property and other assets, each of which has significant value to others,” says the report.
Emails, personal information of students and staff, technical resources, and intellectual property are said to be of primary interest to a nation state. These data can be used for different purposes including commercial gain and advancing similar research efforts.
Phishing attacks and injecting malicious software are common attacks targeted at universities. Usually, university websites provide ample data about students, staff, and the university to craft a phishing email. Introducing malware in university systems aids attackers in stealing data, gaining long-time access, or even demanding a ransom after encrypting all the data available.
What should universities do?
The NCSC recommends a few strategies against the attacks.