A security analysis of cyber-attacks against universities and colleges in the UK has discovered staff or students could often be responsible, rather than organised crime or hacking groups who are often blamed for these cyber attacks.
Attributing cyber attacks is often a difficult task but Jisc, a government-funded digital support service for higher education that provides cyber-security has examined the timing of 850 attacks in 2017-18 and found that Distributed Denial of Service (DDoS) attacks against university campuses are more likely in term time and during the working day and dramatically drop when students are on holiday.
They increased from 8 or 9am and then tailed off in the early afternoon. There was a very sharp decline in attacks in the Christmas, Easter and summer breaks and during half-terms - with attacks rising again sharply when terms resumed.
Rather than criminal gangs or agents of foreign powers, the findings suggest many of the attacks on universities and colleges are more likely to have been caused by disgruntled staff or students wanting to provoke "chaos".
While the research paper notes that in many cases the reasons behind these DDoS campaigns can only be speculated about, just for fun, for the kudos and to settle grudges are cited as potential reasons.
"This pattern could indicate that attackers are students or staff, or others familiar with the academic cycle. Or perhaps the bad guys simply take holidays at the same time as the education sector," said John Chapman, head of security operations at Jisc (formerly the Joint Information Systems Committee).
In one case, a DDoS attack against a university network which took place across four nights in a row was found to be specifically targeting halls of residence. In this instance, the attacker was launching an attack in order to disadvantage a rival in online games.
"It's notoriously difficult to identify individual cyber-criminals," says Chapman.
Attributing cyber attacks is often a difficult task but Jisc, a government-funded digital support service for higher education that provides cyber-security has examined the timing of 850 attacks in 2017-18 and found that Distributed Denial of Service (DDoS) attacks against university campuses are more likely in term time and during the working day and dramatically drop when students are on holiday.
They increased from 8 or 9am and then tailed off in the early afternoon. There was a very sharp decline in attacks in the Christmas, Easter and summer breaks and during half-terms - with attacks rising again sharply when terms resumed.
Rather than criminal gangs or agents of foreign powers, the findings suggest many of the attacks on universities and colleges are more likely to have been caused by disgruntled staff or students wanting to provoke "chaos".
While the research paper notes that in many cases the reasons behind these DDoS campaigns can only be speculated about, just for fun, for the kudos and to settle grudges are cited as potential reasons.
"This pattern could indicate that attackers are students or staff, or others familiar with the academic cycle. Or perhaps the bad guys simply take holidays at the same time as the education sector," said John Chapman, head of security operations at Jisc (formerly the Joint Information Systems Committee).
In one case, a DDoS attack against a university network which took place across four nights in a row was found to be specifically targeting halls of residence. In this instance, the attacker was launching an attack in order to disadvantage a rival in online games.
"It's notoriously difficult to identify individual cyber-criminals," says Chapman.