A security analysis of cyber-attacks against universities and colleges in the UK has discovered staff or students could often be responsible, rather than organised crime or hacking groups.

A government-funded agency that provides cyber-security has examined the timing of 850 attacks in 2017-18.

Organised crime or bored students?

Jisc found a “clear pattern” of attacks being concentrated during term times and during the working day.

When the holidays begin, “the number of attacks decreases dramatically”.

The analysis of cyber-attacks on the research and academic network concludes there are “suspicions that staff or students could be in the frame”.

Rather than criminal gangs or agents of foreign powers, the findings suggest many of the attacks on universities and colleges are more likely to have been caused by disgruntled staff or students wanting to provoke “chaos”.

Causing chaos

Another investigation located the source of what seemed to be a four-day cyber-attack on a university. It was found to be coming from a university hall of residence and had been the result of an online gamer who had been “attacking another gamer to try and secure an advantage”.

Other reasons could be a misplaced sense of “fun” at disrupting networks, “kudos among peers” for causing chaos or because of a grudge over poor grades or “failure to secure a pay rise”.

The Jisc analysis says another factor in the summer dip could have been an international effort to take down so-called “stresser” sites.

These websites provide the means for carrying out “denial of service” attacks, which Jisc says can be sold “under the pretence” that the buyer wants to carry out a test to see how well their own network would withstand such an attack.

“So, there is evidence… to suggest that students and staff may well be responsible for many of the DDoS attacks we see,” says Dr Chapman.

“If connectivity to the network is lost for any length of time, it can be catastrophic for any organisation, both financially and reputationally.”