Almost half of UK higher education institutions experience a cyberattack every week

Education sector is facing cyberattacks regularly, Microsoft warns

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The education sector continues to be plagued by malicious threats, with new research fromMicrosoftclaiming nearly half (43%) of UK higher education institutions experience weekly breaches or cyberattacks.

The company’s latestCyber Signals Reportclaims Universities are prime targets for malware, IoT vulnerabilities, and phishing - with an average of 2,507 cyberattack attempts per week according to the report.

This makes education the third most targeted industry for attacks, behind manufacturing and consumer retail.

A high price

The report identified email systems and networks as a vulnerability for universities since they offer wide spaces for compromise. The need for constant communication both within and outside of the school networks leaves space for external user attacks.

Since higher education facilities hold sensitive information on students and staff but don’t have huge cybersecurity budgets, they have become an attractive target for threat actors who look to exfiltrate the data for ransom.

Recent research shows schools anduniversities are paying higher ransomsthan ever before, with over two-thirds (67%) of IT leaders working in higher education reporting ending up paying more than what hackers originally asked for.

“Educational institutions feel a sense of responsibility to remain open and continue providing their services to their communities. These two factors could be contributing to why victims feel so much pressure to pay,” said Chester Wisniewski, Director at Sophos.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Microsoft’s research also uncovered nation state actors which have targeted education institutions. For example, Iranian state actors such as Peach Sandstorm and Mint Sandstorm have both been observed to use social engineering attacks.

“The types of threats that we’re seeing, the types of events that are occurring in higher education, are much more aggressive by cyber adversaries,” commented Davis McMorries, Chief Information Security Officer at Oregon State University.

In particular, around 15000 malicious QR code emails target the industry every day.

More from TechRadar Pro

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)