UK Student Loans Company In The Crosshairs

Cyber criminals used a range of techniques, as well as malware, malicious emails and calls, in attempts to access confidential financial data belonging to students, in massive uptick in attacks in the past year. The UK Student Loans Company (SLC) was hit by nearly a million cyber-attacks in the past year, according to official figures.

In data released under Freedom of Information (FoI) legislation, The SLC revealed it was targeted in 965,639 attempts to infiltrate its systems in the 2017/18 financial year.

The findings, collated by the Parliament Street think tank, discovered these attacks were up from just three attempts in financial year 2015/16 and 95 in 2016/17, an increase of nearly 322,000 times in just two years.

The financial services and heath care sectors are among the most highly targeted sectors because of the rich set of personal and financial data they hold, which cyber attackers can use to steal money and commit other crimes.
 
Out of the attempts for the last financial year, only one attack was successful in breaching the system, according to the SLC. The company also reported 323 instances of malware and 235 malicious emails or calls in addition to the nearly one million “cyber-attacks”. Of those attempts, the SLC said 127 were not blocked, but dealt with as incidents. This number also contains the blocks at the perimeter, which is why it is significantly larger than previous years.

The number of Malware attempts was highest in 2016/17 at 1015 with 81 reports of malicious emails or calls.

Terry Ray, senior vice-president, at security firm Imperva, said it is no surprise that cyber criminals are relentlessly targeting the personal financial details of students, putting the wellbeing of tens of thousands of individuals at risk.

“Tackling this problem means investing heavily in the latest cyber security measures, to keep hackers out and limit the risk of a major data breach.”

However, there are growing calls within the security community for organisations to focus efforts not only on prevention, but also on detection and recovery. Cyber resilience is important and often cheaper than attack recovery, according to Greg Temm, chief information risk officer for the Financial Services, Information Sharing and Analysis Center (FS-ISAC).

“While organisations can’t always stop an attack, it can put steps in place to reduce the amount of time it takes to recover quickly, minimising impact and ultimately preserving customer trust and loyalty,” he said.

Computer Weekly

You Might Also Read:

Students Blamed For University & College Cyber Attacks:

« Foreign Hackers Target Canadian Government & Banks
Dubai Police Hold 2nd Annual Cybersecurity Challenge »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CERT.br

CERT.br

The Brazilian national Computer Emergency Response Team

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

Competence Center for Applied Security Technology (CAST)

Competence Center for Applied Security Technology (CAST)

CAST offers a range of services in the field of secure modern information technology and a contact point for all questions regarding IT security.

Team8

Team8

Team8 is Israel’s most prestigious cybersecurity think tank and venture creation foundry.

CryptTalk

CryptTalk

CryptTalk is an easy-to-use secure communication service.

Silverskin Information Security

Silverskin Information Security

Silverskin is a cyber attack company that specializes in having knowledge of the attacker's mindset to identify vulnerabilities and build effective and persistent defences.

Fortra

Fortra

Fortra (formerly HelpSystems) is your cybersecurity ally, unified through the mission of providing solutions to organizations' seemingly unsolvable cybersecurity problems.

Tech Mahindra

Tech Mahindra

Tech Mahindra is a global leader in IT solutions, BPO, business consulting services & digital technologies.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

Garner Products

Garner Products

Garner design, manufacture, and sell equipment that delivers complete, permanent, and verifiable data elimination.

Diligent

Diligent

Diligent's SaaS GRC platform gives leaders a connected view of governance, risk, compliance and ESG across their organization.

Cyber7

Cyber7

CYBER7 is a National Cyber Security Innovation community initiated by Israel National Cyber Directorate, Ministry of Economy and Israel Innovation Authority led by Tech7 – Venture Studio.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

Mercury Systems

Mercury Systems

Mercury Systems is the leader in making trusted, secure mission-critical technologies profoundly more accessible to aerospace and defense.

Piiano

Piiano

Piiano offers developer-friendly privacy and security products. Reduce risk and protect your data by using our specialized security and privacy SaaS tools.

Access Talent Today

Access Talent Today

Access Talent Today is an AI/ML and cyber security talent provider.