British universities have fallen victim to hundreds of successful cyber attacks by criminals feared to be targeting scientific, engineering, medical and defence research, it has been reported.
Some of the country’s top institutions have seen cyber security breaches double in the last two years, according to data acquired under freedom of information laws by The Times.
There were more than 1,100 cyber security breaches, including unauthorised access of accounts and machines, at the University of Oxford, the University of Warwick and University College London (UCL) among others in 2016-17, the figures show.
Experts have warned that research gathered at great expense over years could be stolen by hackers and passed on to unscrupulous governments.
Carsten Maple, director of cyber security research at Warwick and chairman of Britain’s council of professors and heads of computing, told the newspaper: “Universities drive forward a lot of the research and development in the UK.
“Intellectual property takes years of know-how and costs a lot. If someone can get that very quickly, that’s good for them.
“Certainly somebody might attack a university and then provide that information to a nation state.”
Prof Maple said attacks were advancing in nature to target institutions’ infrastructure, such as heating and ventilation which are now often connected to the internet.
“That’s especially worrying for places like the health service,” he said.
In May, large parts of the NHS were crippled by a cyber attack that saw computers hijacked and held for ransom by malicious software.
Another form of cyber attack, called “distributed denial of service”, attempts to overwhelm a target machine or network with web traffic.
Queen Mary, University of London, told the newspaper it had blocked 38.75 million cyber attacks in 2016-17.
Meanwhile the University of Oxford recorded 515 incidents of unauthorised access to its accounts or machines over the period.
UCL saw 57 successful attacks in 2016-17 and Oxford Brookes said an attack in July saw research data compromised.
The universities did not reveal what research had been affected.
Dave Palmer, director of technology at cyber security company Darktrace, told the newspaper that hackers hoped to steal cutting-edge research into advanced weaponry or energy.
Shadow Home Office minister Louise Haigh said “there should be no compromise on cyber security”, however in difficult financial times many public sector organisations are “being left with outdated operating systems”.
The National Cyber Security Centre (NCSC) urged organisations to ensure their online security is robust, as they “can’t do this alone”.
A spokesman told the paper: “Our Active Cyber Defence measures aim to automatically block, disrupt and neutralise malicious cyberactivity before it reaches users.
“These services are helping local authorities, and the NCSC is working on the ways that protection might be extended to universities.”
Recommended for you
Read the latest opinion pieces from our Energy Voice columnists
- Opinion: US Iran Sanction – Undoing the JCPOA?
- Opinion: SMES still face energy “perfect storm”
- Opinion: EU data protection rules, the UK’s statement of intent
- Opinion: Unleashing ‘SturgeonPower’ could transform Scotland’s energy landscape
- Opinion: Iran’s a distraction. The urgent problem is Kurdish oil