There is an increased and growing cyber threat to Universities. The University of Oxford has a particularly high profile leading the world with COVID-19 research and we are under continuous cyberattack. The pandemic has brought additional risks with increased working from home, accessing University information from a variety of devices.
- In the last 10 months, over 1600 of our colleagues have been presented with convincing fake Webauth pages, quite understandably for busy people, have then typed in their SSO and password giving access to their account, data sets and University services to a cyber-criminal
- The University experienced a serious but contained Ransomware outbreak in January 2020 and that business unit has only recently completed its recovery. Weak authentication played a role in both the initial intrusion and spread of the malware.
- There is significant global interest in our Covid research. A successful cyber intrusion could disrupt clinical trials timetables if a regulator was concerned about the integrity of trials data. At worst, it could require trials to be repeated.
- MFA is a key action in the October 2020 Internal Audit report as a requirement for secure remote working
Therefore, it is vital for us to secure our accounts and systems, now more than ever. Multi-factor authentication is now common across many organisations. It will ‘double-lock’ our systems to protect Oxford’s unique information.