FE cybersecurity: drop in DDoS attacks during lockdown

Jisc has said it is too early to say if the drop is down to the coronavirus lockdown

The period of lockdown has seen a drop in one type of cyber attack, data has shown

The number of cyberattacks on colleges has dropped during lockdown, figures from Jisc have indicated.

While the two months between 20 March and 20 May 2019 saw 100 so-called DDoS attacks – “distributed denial of service” attacks designed to disrupt and/or bring down a network by flooding it with data – targeting 33 UK colleges, the same time period in 2020 saw only 26 such attacks targeting 15 colleges.


News: College cyberattacks on the rise

More from Jisc: Calls to scrap pen and paper exams by 2025

Opinion: How prepared are colleges for cyber attacks?


Significant drop

John Chapman, head of security operations centre at not-for-profit organisation Jisc, told Tes the number of DDoS attacks seen in March and April for both years was “fairly similar”, but May 2020 so far was showing a significant drop: “1 to 20 May 2019 had 47 attacks and 1 to 20 May 2020 had five. It is possible this is lockdown-related, but it is too early to tell if this is a trend, or an anomaly. Hopefully, lockdown will end before we can prove this either way.”

Mr Chapman added: “We suspect most DDoS attacks are initiated by students. Sometimes they have accessed booter/stresser sites (DDoS-for-hire sites) from the college networks. Although an attack may be launched by someone at a college, the actual attack can come from anywhere in the world (and is usually from multiple places at the same time). There is no way for us to know if a student has accessed such a site and launched an attack using their home network or mobile data, etc.”

Mr Chapman said while there were no statistics showing a change in the number of phishing emails, another common kind of attack, attackers had tried to use the coronavirus pandemic to get college staff and students to engage with their emails. He said “Phishing attacks have always been a problem and criminals are always changing the context to encourage more people to fall for the scams. So, they are now using Covid-related emails to encourage victims to follow links or download malware. The National Cyber Security Centre warned about this in April this year.”

According to Mr Chapman, the best steps colleges can take to protect themselves was to make sure the basics are in place. “They should ensure good basic cyber hygiene. That includes ideally using two-factor or multi-factor authentication. If that isn’t possible for all users, even if it can be used for staff or a subset of staff, that is a definite help. Basics also include having strong passwords and separate passwords for different systems. Colleges should also make sure people know what to do if something goes wrong and who to contact. Making sure systems are patched and up to date is also extremely important”.

In February, Jisc warned that cyberattacks on colleges were more sophisticated, complicated and causing more disruption than ever. According to their data, colleges were experiencing an average of 12 attacks a week – and November 2019 and January 2020 saw more than 100 incidents in each month. 

Overall, Jisc data shows that between February 2018 and January 2019, there were 608 attacks on colleges. 

Register to continue reading for free

It only takes a moment and you'll get access to more news, plus courses, jobs and teaching resources tailored to you

Latest stories

Returning to school

5 ways to help pupils readjust to school

Many students may not return to school emotionally fit for learning, says Vicki Williams, but taking a nurture-based approach can help
Vicki Williams 29 May 2020