More Nottingham-style cyberattacks a ‘case of when, not if’

A spate of attacks on learning systems used by UK universities show they are seen as “juicy targets” by cyberattackers, with some institutions moving “faster than others” when it comes to recognising the threat.

A compromised student records platform at the University of Nottingham has led to the details of hundreds of thousands of students and alumni being seized by criminal group ShinyHunters, weeks after the same gang targeted Canvas, used by thousands of institutions worldwide. The latest incidents came after a government study released last month found that attacks on universities are becoming more prevalent across the board.

The Information Commissioner’s Office (ICO) has instructed universities to treat cybersecurity as a “core organisational priority” in the wake of the attacks and said it “will consider further regulatory action where necessary” when organisations fail to do all they can to protect sensitive information.

Tim Stevens, a reader in international security at King’s College London, said while the full details of the Nottingham case are still unknown, it – and the Canvas incident – “raises the question of whether universities are exposing themselves to cyber incidents through their use of third-party software solutions for education provision and management”.