Potential Cyber attacks on colleges – my thanks to Alan Birks of Click for this posting

  • Cyber-security: The Joint Information Services Committee (JISC) has warned FE colleges and universities to ensure that their defensive cyber security measures are in place and up to date because of the heightened threat of cyber-attacks emanating from groups in Russia. Amongst known Russian groups currently being monitored for cyber-attacks are Turla, Wizard Spider, Mummy Spider, TA505, LockBit and REvil. No cyber-attacks are known to have taken place yet. Colleges have been referred to JISC advice on cyber security measures and advice from the National Cyber Security Centre (NCSC). Most cyber-attacks on the education sector in the past have been ransomware attacks, with the sector being amongst the top five sectors subjected to these attacks, each one of which is estimated on average to cost the institutions affected around £620,000. JISC says that college IT systems are vulnerable not only from external cyber-attacks, but also through staff and students unwittingly introducing malware to college systems through, for example, logging on remotely from home from infected laptops or other devices, the use of infected data sticks, and the use of college email addresses or college computers for personal non-college related activity or to respond to email phishing scams. A copy of a report published last year by the NSCS on the increasing number of ransomware attacks on the UK education sector can be found here. NCSC guidance on how to mitigate the effect if a ransomware or other cyber-attack has been found to have taken place can be found here.

Colleges have also been alerted to the potential risks of using Kaspersky anti-virus software. Kaspersky is a Russian firm owned by Eugene Kaspersky, who is said to be a personal friend of President Putin and who has refused to condemn Russia’s military actions in Ukraine. It has been alleged that Kaspersky software could be capable of providing a ‘back door’ for mass cyber-attack and that Russia’s Federal Security Service (the former KGB) could be provided with real-time intelligence harvested from customers’ computers. The domain of the Russian Ministry of Defence is known to be hosted by Kaspersky’s infrastructure and the United States has now ordered that Kaspersky software be removed from all Federal computers. The UK government has not taken this step yet.