Cybersecurity Week: What are the threats facing the University, and what can be done? News from the School of Computing and Digital Media

Researchers from the Cyber Security Research Centre provide expert advice for staff and students around cybersecurity.

Date: 7 November 2022

Cybercrime is becoming a big industry, and criminals are making millions out of it. The University protects itself with devices such as switchers and routers, financial assets, access level, remote access and security policies. Another key part of the protection is increasing users' education and awareness, which the University achieves with the help of BoxPhish, an online cyber security training and education platform. 

The Cyber Security Research Centre is also working with the University to help protect staff and students. The Centre was created by the School of Computing and Digital Media as a space where academics and businesses can meet and work together to solve cyber security problems of significance for business and for society. Its core activities lie in three main areas: 

• teaching of digital forensics, data analytics and cyber security in a secure environment
• research into cyber security at postgraduate and doctorate level
• industrial research, innovation and consultancy projects in cyber security

What are the threats facing the University?

Phishing: Robot Networks (botnets) can be used to distribute malware via phishing emails. Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Ransomware attacks: A ransomware attack occurs when someone intentionally and maliciously manipulates data (or threatens to do so) in order to lock up a computer or network until a ransom is paid. According to a US Treasury Department report, ransomware-related suspicious activity cost an estimated $590 million in 2015. As a University, we must have a secure infrastructure and valid security policies in place to mitigate this kind of attack.

Endpoint Security attacks: In recent years, more and more businesses have moved their data to the cloud. However, in one security incident, a router belonging to an Internet Service Provider was hacked and installed with malware that was used to find unsecured networks. Implementing comprehensive endpoint security solutions will reduce the overall attack surface in the cloud and increase endpoint security.

Social Engineering attempts: SE attacks refer to the techniques used to gain unauthorised access to information through human interaction. Also known as human hacking by tricking staff and students into disclosing their credentials and then using them to gain access to networks or accounts. Social engineering is often launched through the use of deception or manipulation of people’s tendency to trust, be cooperative, or simply follow their desire to explore and be curious and thus fall into hacker's traps. 

Cryptojacking: A crypto-jacking attack utilises malware that infects a computer, tablet, or smartphone and covertly syphons computing resources (including electricity) away from its owner to the attacker's device. Since the victim may not realise that their device is not being used for regular computer tasks, they are unlikely to have any way to detect that an attack is occurring.

What can we do to mitigate these threats?

• Two-factor authentication (2FA) should be set up on all accounts, for both students and staff. Details of how to do this are available in the Student Zone. 
• Staff and students should Google their names to see what their digital footprints look like so they can see their public digital visibility.
• Staff and students should follow the University's policies and procedures and report any violations if they notice colleagues or students breaking the rules. 
• Ensure all security features on all devices are enabled, for instance, password protection when you switch in, encryption of your disc drive, and switching on your device firewall.
• Ensure all software is updated by default by enabling the automatic update option.
• Staff and students should ensure that any social networking accounts they use are secure and, if possible, enable two-step authentication or any other secondary authentication.
• Staff and students should ensure they log out of their accounts or lock the devices when not in use.
• Staff and students should use any available privacy settings to control their digital footprint. 
• Students should complete their BoxPhish modules for their school on the Student Zone.

All students and staff can email cybersecurity@londonmet.ac.uk if they have any further questions or concerns, or if they think their London Met Google account has been a victim of phishing or cyber crime.