Analysts in our UK Security Operations Centre [SOC] have seen a doubling of security events in the first quarter 2023 compared to Q4 2021. In just over a year, the number of incidents has risen from 11.4bn to 26bn.
Higher education under attack
The most attacked sector is higher education. We’ve seen two universities experience 9.8m attacks in the last 3 months. Malicious actors are using the Phishing as a Service platform, Caffeine, to extract user information from students, tutors and university workers or access education systems remotely.
Our analysts believe the low use of Multi-factor Authentication [MFA] by students is the reason for the focused targeting. OneNote has become a key point of vulnerability as protection around office apps such as word is now extremely strong.
Attacks on ANS clients have been thwarted by automated AI correlation of incidents combined with detection and response protocols generated by industry standard atomic testing.
Poor configuration is the weakest link
Outside of higher education, the level of attacks is worrying – a 128% increase in 12 months. Almost a quarter [23%] of attacks map to Privilege Escalation, with bad actors attempting to exploit systems with weak defence posture, mis-configurations and known vulnerabilities.
However, these attacks are reasonably straight forward to prevent. Configuration of security systems to best practice, up to date AV software and automated playbooks stop these attacks instantly, without the need for human intervention.
Putting in place cost effective managed security services like ANS Managed Detection and Response can prevent, detect and respond to all modern cyber threats.
To discuss how we can help defend against this rising threat level, please get in touch.
