National Cyber Security Centre
First threat assessment for universities produced by the NCSC
The NCSC has published a threat assessment aimed at supporting universities.
- Assessment raises awareness of threats from state-sponsored espionage and from cyber criminals – as well as security measures universities can take in response
- Universities encouraged to adopt security-conscious policies and access controls
- Latest document is part of the NCSC’s ongoing work with academia to help ensure UK universities protect world-leading status in research and innovation
The threats facing the UK’s world-leading universities and the steps they can take to protect themselves were outlined yesterday in a report from the National Cyber Security Centre (NCSC), a part of GCHQ.
The NCSC’s threat assessment aims to raise awareness of state-sponsored espionage targeting high-value research, as well as the risk of financial losses at the hands of cyber criminals.
While the NCSC has been working with the academic sector on an ongoing basis to improve security practices, this is the first threat assessment it has produced specifically for universities.
The assessment notes that while cyber criminals using methods such as phishing attacks and malware pose the most immediate, disruptive threat, the longer-term threat comes from nation states intent on stealing research for strategic gain.
To mitigate the risks, universities are encouraged to adopt security-conscious policies and access controls, as well as to ensure potentially sensitive or high-value research is separated rather than stored in one area.
Measures to support universities have been outlined in Trusted Research, from the Centre for the Protection of National Infrastructure (CPNI) and the NCSC, which offers accessible and actionable cyber security advice for university leaders, staff and researchers.
Sarah Lyons, Deputy Director for Economy and Society at the National Cyber Security Centre, yesterday said:
“The UK’s universities are rightly celebrated for their thriving role in international research and innovation collaborations.
“The NCSC’s assessment helps universities better understand the cyber threats they may face as part of the global and open nature of research and what they can do about it using a Trusted Research approach.
“NCSC is working closely with the academic sector to ensure that, wherever the threat comes from, they are able to protect their research and their universities in cyberspace.”
The assessment found that the open and outward-looking nature of the universities sector, while allowing collaboration across international borders, also eases the task of a cyber attacker.
Among the examples highlighted in the assessment was an attack from last year attributed to Iranian actors in which they were able to steal the credentials of their victims after directing them to fake university websites.
The attack took place across 14 countries, including the UK, and many of the fake pages were linked to university library systems, indicating the actors’ appetite for this type of material.
The assessment also highlights the financial damage which can be caused by cyber attacks on UK universities, citing previous figures from UK Finance which estimated that UK university losses from cyber crime for the first half of 2018 were £145m.
Latest News from
National Cyber Security Centre
Huawei to be removed from UK 5G networks by 202715/07/2020 09:17:00
Decision follows a technical review by the National Cyber Security Centre in response to US sanctions.
Businesses helped to keep home workers secure with NCSC cyber exercise14/07/2020 11:15:00
'Home and remote working' exercise has been added to the Exercise in a Box toolkit.
Record numbers sign up to CyberFirst summer courses03/07/2020 11:15:00
CyberFirst summer courses have seen a rise in demand following a move online.
Thanks a million: British public help reach major milestone in fight against scammers26/06/2020 09:15:00
The NCSC's Suspicious Email Reporting Service has received over a million reports of scam emails.
Avoid scoring a cyber own goal when streaming Premier League's return17/06/2020 12:08:00
Football fans urged to secure their online platform streaming accounts and subscriptions.
Government invests £10 million to help make future technologies more secure12/06/2020 08:14:00
Academic researchers from universities across the UK to develop solutions to strengthen security of digital devices and services
NCSC supports US advisory regarding GRU intrusion set Sandworm29/05/2020 16:05:00
The US National Security Agency has published an advisory regarding the GRU - the Russian military intelligence service.
NCSC helps small businesses move from physical to digital21/05/2020 12:43:00
Launch of advice and practical tips to help SMEs move their business online.