Staff and students behind hacks on universities

News by Rene Millman

Students and staff could be responsible for attacks on the infrastructure of universities and colleges, according to claims made by Jisc, the UK provider of IT services to the UK's education sector.

Students and staff could be responsible for attacks on the infrastructure of universities and colleges, according to claims made by Jisc, the UK provider of IT services to the UK’s education sector.

According to the agency, data it has gathered shows a clear pattern emerging. In a blog post, John Chapman, head of security operations centre, said the number of attacks decrease "dramatically", during holiday time.

"This pattern could indicate that attackers are students or staff, or others familiar with the academic cycle. Or perhaps the bad guys simply take holidays at the same time as the education sector," he said. "Whichever the case, there’s no point sending a DDoS attack to an organisation if there’s no one there to suffer the consequences."

He added that the distribution of attacks over the day shows that it’s quieter at night, while the number of attacks start to ramp up at 08:00, peak between 09:00 and early afternoon, and then die off again.

He said there could only be speculation on the reasons why students or staff attack their college or university. He said it could be the "fun" of disruption and kudos among peers of launching an attack that stops internet access and causes chaos, or "because they bear a grudge for a poor grade or failure to secure a pay rise".

He said that sometimes the exact reason for an attack can be pinpointed. His team noticed DDoS attack against a university, so it activated the mitigation service, which reduces the impact of an attack. A couple of hours later the same institution was targeted again.

"Further investigation showed that a student in halls had been playing an online game and had attacked another gamer to try and secure an advantage. What we were seeing coming over the network and into the hall of residence was a revenge DDoS attack," he said.

However, as reported by SC Media UK in August, countries such as Iran have been identified as responsible for hacking international university resources to circumvent sanctions and access the latest research information.

SC Media UK contacted several universities to comment on these claims. This story will be updated when we receive any replies.

Colin Truran, principal technology strategist at Quest, told SC Media UK that universities need to invest in their digital environment to enable them to modernise their data management practices, remove complexity, isolate sensitive services and enable the environment to understand threats quickly and react accordingly.

"In this way they will give both internal and external malicious entities far fewer opportunities and a much shorter time to do it in," he said.

Oz Alashe, CEO of CybSafe, told SC Media UK that prevention also means changing staff and student perceptions.

"DDoS, which simply refers to an attack that overwhelms a system with data, is sometimes seen to be morally ambiguous – not as ‘bad’ as other types of hacking which, for example, sometimes involve stealing peoples’ banking information. With this in mind, it’s important that universities stress – for both staff and students – that DDoS is a serious attack, and that carrying out such an attack has serious repercussions," he said.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events