UK Student Loans Company In The Crosshairs

Cyber criminals used a range of techniques, as well as malware, malicious emails and calls, in attempts to access confidential financial data belonging to students, in massive uptick in attacks in the past year. The UK Student Loans Company (SLC) was hit by nearly a million cyber-attacks in the past year, according to official figures.

In data released under Freedom of Information (FoI) legislation, The SLC revealed it was targeted in 965,639 attempts to infiltrate its systems in the 2017/18 financial year.

The findings, collated by the Parliament Street think tank, discovered these attacks were up from just three attempts in financial year 2015/16 and 95 in 2016/17, an increase of nearly 322,000 times in just two years.

The financial services and heath care sectors are among the most highly targeted sectors because of the rich set of personal and financial data they hold, which cyber attackers can use to steal money and commit other crimes.
 
Out of the attempts for the last financial year, only one attack was successful in breaching the system, according to the SLC. The company also reported 323 instances of malware and 235 malicious emails or calls in addition to the nearly one million “cyber-attacks”. Of those attempts, the SLC said 127 were not blocked, but dealt with as incidents. This number also contains the blocks at the perimeter, which is why it is significantly larger than previous years.

The number of Malware attempts was highest in 2016/17 at 1015 with 81 reports of malicious emails or calls.

Terry Ray, senior vice-president, at security firm Imperva, said it is no surprise that cyber criminals are relentlessly targeting the personal financial details of students, putting the wellbeing of tens of thousands of individuals at risk.

“Tackling this problem means investing heavily in the latest cyber security measures, to keep hackers out and limit the risk of a major data breach.”

However, there are growing calls within the security community for organisations to focus efforts not only on prevention, but also on detection and recovery. Cyber resilience is important and often cheaper than attack recovery, according to Greg Temm, chief information risk officer for the Financial Services, Information Sharing and Analysis Center (FS-ISAC).

“While organisations can’t always stop an attack, it can put steps in place to reduce the amount of time it takes to recover quickly, minimising impact and ultimately preserving customer trust and loyalty,” he said.

Computer Weekly

You Might Also Read:

Students Blamed For University & College Cyber Attacks:

« Foreign Hackers Target Canadian Government & Banks
Dubai Police Hold 2nd Annual Cybersecurity Challenge »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Information Security Forum (ISF)

Information Security Forum (ISF)

The ISF is a leading authority on information security and risk management.

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

CERT-PA

CERT-PA

CERT-PA is the national Computer Emergency Response Team for Italian government institutions.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

Sigma Payment Solutions

Sigma Payment Solutions

Sigma Payment Solutions offers a comprehensive suite of automated payment processing services, solutions, and technology to businesses in the USA.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

IFE Digital Systems

IFE Digital Systems

IFE Digital Systems conducts research, development and consultancy in risk, safety and security related to digital systems in critical infrastructure.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

ID R&D

ID R&D

ID R&D is an award-winning provider of AI-based facial liveness, document liveness, and voice biometrics.

Frontal

Frontal

Frontal is a specialized unit in Blockchain and Web3.0 cybersecurity. Securing Digital Assets, Cryptocurrency, DeFi, Blockchain and Web3.0 ecosystem.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.