Jisc has released a updated version of its cyber impact report.
Designed to help those responsible for data protection, risk management and cybersecurity in higher education institutions and research, the publication is a revised version of the original published in November 2022.
The main development, says the nonprofit digital service provider, is the growing volume and changing nature of ransomware attacks.
More than 100 individual schools have been affected by such attacks in the past year, while the number of FES and HE organizations affected increased from 15 in 2020 to 18 last year.
“Ransomware attacks have also evolved around this time,” the report states, “with multiple threat actors applying ‘double extortion’ to their attacks, meaning they are not only demanding a ransom to provide a decryption key, but they also threaten to make public data sensitive if the ransom is not paid.
You may also like: Safety net: feel good online
The cyber impact report says the financial impact of data breaches has yet to be widely appreciated, citing 2021 IBM and Ponemon Institute research that estimated the average cost to an institution in education at over 2.9 million. of pounds.
While acknowledging that such a figure “may seem unrealistic,” Jisc adds: “Da [our] working to help higher education institutions and EDF providers recover from ransomware incidents, we are aware of impact costs that exceed £ 2 million.
The report also highlights how many students, especially international students, have been shown to be susceptible to phishing scams.
We are aware of ransomware impact costs that exceed £ 2 million – Jisc
A university told Jisc that, in just one year, around 200 of its students and staff members had fallen into voucher scams costing a total of £ 50,000- £ 100,000.
To this end, Jisc recommends that institutions:
- advertise how criminals exploit current events
- help people anticipate and expect scams
- demystify and de-sensationalize criminal activity
- explain the signs of a scam
- encourage people to report scams and make it easy
- ensure that victims are supported and not penalized
The news is not bad at all. Thanks in large part to Covid and the need to facilitate distance learning, institutions have greatly improved in ensuring that their systems are not accessible with a single password; As first reported in the 2021 Jisc Cyber Security Posture Survey, there has been a sharp increase in the number of schools and higher education institutions that have implemented multi-factor authentication (MFA) implementations.
On the other hand, the report notes that the sudden increase in distance learning has left security and IT staff under more pressure.
An FE vendor is said to have stated, “We are doing our best, but all areas of IT support appear to be growing and need more attention, and it is a part of a larger role, where its importance should be to far greater. The pandemic has only lengthened us further “.
Ransomware is a growing threat, says Jisc’s new cyber impact report
Source link Ransomware is a growing threat, says Jisc’s new cyber impact report