According to a recent survey conducted by KnowBe4, higher education institutions in the UK that are associated with international research institutes face an elevated risk of cyberattacks. The survey, which involved 52 higher education institutions and was carried out by the Department of Science, Innovation, and Technology (DSIT) in April 2023, indicated a looming increase in cyberattacks targeting UK universities.
The findings reveal that all types of higher education institutions are more vulnerable to cyberattacks compared to average UK companies. In most cases, phishing emerges as the predominant form of cyberattack against these institutions. Phishing is closely followed by online impersonation, viruses, spyware, or malware. Approximately 85 percent of surveyed institutions admitted to experiencing attacks and breaches within the past 12 months. This rate is significantly higher than the 32 percent of UK businesses that reported being attacked within the same timeframe.
Among the surveyed institutions, 44 percent reported breaches, with half of them experiencing cyberattacks at least once a week. The incidents of phishing were reported by all institutions, while 86 percent experienced impersonation breaches and 64 percent encountered viruses, spyware, or malware.
The impact is not limited to higher education alone; primary and secondary institutions are also affected. These findings underline a concerning lack of security strategies among most higher education institutions, with only half of them admitting to having such measures in place. This indicates a lag behind businesses in terms of cybersecurity preparedness.
The report further urges the higher education sector to strike a delicate balance between maintaining openness for research and fortifying defences against cyber threats.