UK Student Loans Company In The Crosshairs

Cyber criminals used a range of techniques, as well as malware, malicious emails and calls, in attempts to access confidential financial data belonging to students, in massive uptick in attacks in the past year. The UK Student Loans Company (SLC) was hit by nearly a million cyber-attacks in the past year, according to official figures.

In data released under Freedom of Information (FoI) legislation, The SLC revealed it was targeted in 965,639 attempts to infiltrate its systems in the 2017/18 financial year.

The findings, collated by the Parliament Street think tank, discovered these attacks were up from just three attempts in financial year 2015/16 and 95 in 2016/17, an increase of nearly 322,000 times in just two years.

The financial services and heath care sectors are among the most highly targeted sectors because of the rich set of personal and financial data they hold, which cyber attackers can use to steal money and commit other crimes.
 
Out of the attempts for the last financial year, only one attack was successful in breaching the system, according to the SLC. The company also reported 323 instances of malware and 235 malicious emails or calls in addition to the nearly one million “cyber-attacks”. Of those attempts, the SLC said 127 were not blocked, but dealt with as incidents. This number also contains the blocks at the perimeter, which is why it is significantly larger than previous years.

The number of Malware attempts was highest in 2016/17 at 1015 with 81 reports of malicious emails or calls.

Terry Ray, senior vice-president, at security firm Imperva, said it is no surprise that cyber criminals are relentlessly targeting the personal financial details of students, putting the wellbeing of tens of thousands of individuals at risk.

“Tackling this problem means investing heavily in the latest cyber security measures, to keep hackers out and limit the risk of a major data breach.”

However, there are growing calls within the security community for organisations to focus efforts not only on prevention, but also on detection and recovery. Cyber resilience is important and often cheaper than attack recovery, according to Greg Temm, chief information risk officer for the Financial Services, Information Sharing and Analysis Center (FS-ISAC).

“While organisations can’t always stop an attack, it can put steps in place to reduce the amount of time it takes to recover quickly, minimising impact and ultimately preserving customer trust and loyalty,” he said.

Computer Weekly

You Might Also Read:

Students Blamed For University & College Cyber Attacks:

« Foreign Hackers Target Canadian Government & Banks
Dubai Police Hold 2nd Annual Cybersecurity Challenge »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

Wooxo

Wooxo

Wooxo provides business security and continuity solutions to protect business data for organisation of all sizes.

Magal Security Systems (Magal S3)

Magal Security Systems (Magal S3)

Magal Security Systems is a leading international provider of integrated solutions and products for physical and cyber security, safety and site management.

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Scantist

Scantist

Scantist is a cyber-security spin-off from Nanyang Technological University (Singapore) which leverages its expertise to provide vulnerability management solutions to enterprise clients.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.

TriVigil

TriVigil

TriVigil offer a full-service, comprehensive cybersecurity approach specifically tailored to meet the unique needs of educational institutions.