Exploit: Password spraying.
UK Universities: Universities across the United Kingdom that agreed to participate in a Jisc initiative.
Risk to Small Business: 2 = Severe: Ethical hackers from Jisc, the company that provides internet services to UK universities and research centres, we’re able to access personal data of students and staff, financial systems, and research networks in less than 2 hours. The penetration testing was conducted in over 50 universities, with some being tested multiple times. Out of the simulated attacks, spear-phishing proved to be one of the most effective.
Individual Risk: 2.571 = Moderate: None.
Customers Impacted: N/A
How it Could Affect Your Customers’ Business: The academic sector is under attack by opportunistic hackers looking to sell research and student information on the Dark Web to the highest bidders. Given the sensitivity of such information, it is likely that future regulations will address such gaps and set minimum requirements for cybersecurity. Sensitive research fuels everything from military operations to economic growth, which should make educational organizations acknowledge and protect such information through data security.
