“A test of UK university defences against cyber-attacks found that in every case hackers were able to obtain ‘high-value’ data within two hours,” writes the BBC.
Bruce66423 shares their report:
The tests were carried out by “ethical hackers” working for Jisc, the agency providing internet services to the UK’s universities and research centres. They were able to access personal data, finance systems and research networks….
The simulated attacks, so-called “penetration testing”, were carried out on more than 50 universities in the UK, with some being attacked multiple times. A report into their effectiveness, published by Jisc (formerly the Joint Information Systems Committee) and the Higher Education Policy Institute (Hepi), showed a 100% success rate in getting through the cyber-defences. Within two hours, and in some cases one hour, they were able to reach student and staff personal information, override financial systems and access research databases.
The tests were carried out by Jisc’s in-house team of ethical hackers, with one of the most effective approaches being so-called “spear phishing”…where an email might appear to be from someone you know or a trusted source but is really a way of concealing an attack, such as downloading “malware”.
of this story at Slashdot.
Source:: Slashdot