The Open University, which is based in London, was bombarded by 1,191,312 malicious e-mail attacks from January through until September. That’s according to official data obtained by the Parliament Street Think Tank by way of a Freedom of Information request procedure.
The Open University is a higher education institution specialising in distance learning courses, flexible part-time study and open learning for undergraduate and post-graduate courses and qualifications for adults of all ages.
Fortunately, all of the malicious messages – which included spam, malware and phishing attacks – were blocked by the Open University’s servers.
In its response to Parliament Street’s researchers, The Open University revealed that the malicious e-mail attacks were divided equally over the course of the nine-month period under scrutiny, with roughly 132,368 e-mail attacks and spam messages blocked each month.
The data also reveals that 6,804 messages were blocked due to the suspicion of malware and that 16,452 phishing e-mails were detected and blocked.
Abundance of data
Chris Ross, senior vice-president of international sales at Barracuda Networks, commented: “The nature of The Open University, and the fact that a majority of its courses take place online, means that cyber attackers will inevitably attempt to target the abundance of data stored on its servers. Hence the significant quantity of scam attacks facing the institution.”
Ross continued: “To add to this, our recent research revealed that spear phishing attacks are disproportionately targeting educational institutions across the world, with over 3.5 million phishing e-mails hitting over 1,000 global schools and universities from June through until September of this year.”
He added: “While it’s certainly a good thing that The Open University has, so far, managed to successfully protect itself from a data breach, it’s important that security standards are maintained and that the right software and training is constantly updated in order to keep pace with the rapidly changing cyber threatscape. Furthermore, due to the sensitivity of information stored in their servers, educational institutions must ensure that all data is backed up in a third party, encrypted cloud back-up solution which will also enable protection from the growing trend in ransomware attacks facing universities.”
Andy Harcup, vice-president of sales at Absolute Software, informed Security Matters: “As the second national lockdown puts more people out of work and hinders ‘traditional’ education institutions, millions will be looking towards The Open University in an effort to boost their qualifications, retrain in a new career path or learn a new skill. Unfortunately, cyber attackers will attempt to target the onslaught of new personal devices which will soon be added to The Open University’s nationwide network of devices, all of which are likely to be connected, in some way, via shared data storage points and cloud SaaS applications, for example.”
Harcup went on to state: “Therefore, prospective students, and indeed The Open University itself, must ensure that their devices are protected by a sophisticated endpoint security solution which will ensure that a compromised device can still be accessed, controlled or frozen, such that any breached log-in credentials or a stolen device doesn’t necessarily equate to a loss of data.”