The UK’s universities and colleges are facing a growing threat from DDoS attacks, with reports suggesting that students may be to blame for many of them.
The new figures sent to Infosecurity come from Jisc, the non-profit that runs the national Janet network used by educational and research institutions.
They reveal that while 64 higher education partners were targeted by 276 DDoS attacks in 2016/17, 82 members were hit by 386 attacks in 2017/18. The figure for further education (colleges) jumped from 75 members and 302 attacks to 107 members and 475 attacks over the same time period.
“DDoS attacks are designed to disrupt or bring down a network. If connectivity to the network is lost for any length of time, it can be catastrophic for any organization, both financially and reputationally,” a Jisc statement noted.
“Students might, through no fault of their own, miss the deadline for handing in assignments online, and teaching would resort to ‘chalk and talk.’ Fortunately, attacks that cause this much damage are rare, and we encourage our members to be robust in their approach to cybersecurity.”
Last week, Edinburgh university became the latest big name to fall victim to a DDoS outage after its main website was down for over a day.
The head of Jisc’s security operations centre, John Chapman, told the BBC that many of the attacks may be the result of student activity, rather than cybercrime groups.
It noted how one four-day attack was traced back to a hall of residence — the result of one gamer trying to take another out of action.
Attacks are also concentrated during working hours in term time and tail off significantly during the holidays, although any DDoS-ers would probably focus their efforts when they're most likely to affect the victim organization.
"There is evidence... to suggest that students and staff may well be responsible for many of the DDoS attacks we see," Chapman reportedly claimed.
A new survey by Jisc found that universities and colleges rank lack of awareness and accidental breaches as their number one cybersecurity risk followed by ransomware/malware, and then phishing and social engineering, external attacks and DDoS in fifth place.